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James 

"Arguably the most significant new feature in 
Server 2008 R2 is Live Migration." 



Windows Server 2008 R2's Live Migration 

Will Live Migration help Microsoft dislodge VMware from the enterprise? 


B y some accounts, Microsoft took its share of lumps in 
2008: Windows Vista adoption lagged, the Zune still 
trailed in the mobile audio market, Windows Mobile 
was overshadowed by the surging popularity of 
iPhones and BlackBerrys, and cloud computing looks 
to be another emerging market segment in which 
Microsoft is playing catch-up to more nimble competitors. 

Yet even Microsoft employees have joked that it sometimes takes 
the software giant three times to get things right, an aphorism that 
highlights some of Microsoft's greatest strengths: sheer tenacity and 
a relentless, no-holds-barred approach to improving its products. 
Lotus and WordPerfect used to snigger at that awkward, new-fangled 
GUI called Microsoft Windows 1.0. Today, both of those companies 
are largely footnotes in the pages of computing history, while Micro¬ 
soft dominates the enterprise computing market. 

Such is the case with the Windows Server product line, which has 
come a long way since the days of Windows NT 3.1. The Windows 
Server 2008 R2 beta (released in early January 2009) is loaded with 
features that promise to make the lives of IT pros easier, from Active 
Directory management improvements in the form of the new Active 
Directory Administrative Center and the Active Directory Recycle 
Bin, to other time-saving features such as PowerShell 2.0, PowerShell 
on Server Core, BranchCaching, and DirectAccess. (Read more 
about the improvements Server 2008 R2 brings to the table in 'A 
Look at Windows Server 2008 R2 Features," www.windowsitpro.com, 
InstantDoc I D 101318. ) 

Live Migration: Microsoft's Answer to 
VMware VMotion 

Arguably the most significant new feature in Server 2008 R2 is Live 
Migration, Microsoft's long-awaited answer to VMware's VMotion 
technology. Like VMotion, Live Migration will allow IT pros to move 
virtual machines (VMs) across servers without having to shut them 
down and without any performance degradation. 

"With the initial release of Windows Server 2008, we came out 
with a feature called Quick Migration, which could move workloads 
from one node in a cluster to another in a few seconds," explains 
Ward Ralston, Microsoft group product manager for Windows 
Server. "We didn't implement a feature comparable to VMware's 
VMotion in that release because the nodes in our cluster didn't 
have the ability to talk to the same shared storage. With R2 we've 
implemented a new technology called clustered shared volumes— 


it's a logical subsystem that sits on top of NTFS. Now [we can 
move] virtual workloads from one node in the cluster to another ... 
instantaneously—in milliseconds rather than seconds—and have 
feature parity with VMware." Ralston stresses that Live Migration 
will be included in Server 2008 R2 for free, as opposed to VMotion, 
which VMware sells as a standalone product. (Listen to an audio¬ 
cast of our interview with Ralston or read a transcript of the inter¬ 
view at "Ward Ralston Discusses Windows Server 2008 R2," www 
.windowsitpro.com, InstantDoc I D 101319. ) 

So can Live Migration help Microsoft woo large enterprise 
customers away from VMware's proven combination of VMware 
Infrastructure 3 (VI3) and VMotion? Only time will tell, and 
VMware—now led by former Microsoft executive Paul Maritz—is 
determined to keep a few steps ahead of the Microsoft juggernaut 
and undoubtedly has some new product announcements to make 
in the coming year. But one thing is certain: If Microsoft doesn't 
manage to peel a few enterprises out of VMware's orbit with the first 
iteration of Live Migration, you can bet the software giant will try 
again. And again. And maybe a few more times after that. 

A Return to the Cloud 

In IT Pro Perspective, "Cloud Computing" (January 2009, Instant¬ 
Doc ID 100943) , I asked readers to let me know what they thought 
of cloud computing. I received a number of email messages, phone 
calls, and letters from readers about the topic—too many to list 
here. I've taken excerpts from the best letters and compiled them 
into an online article that reveals the concerns (and expectations) 
readers have about cloud computing; to read the article, "Read¬ 
ers Speak Out on Cloud Computing," go to www.windowsitpro 
.com, InstantDoc ID 101320. 

As always, we'd love to get your take on where you think the IT 
industry is headed. Are you looking forward to the release of Server 
2008 R2? Are you a VMware shop that might consider switching to 
Server 2008 R2 because of the new Live Migration feature? Drop me 
an email with your thoughts, or join our forums, Linlcedln group, or 
Twitter feeds to contribute to the discussion. ^ 

InstantDoc ID 101323 


JEFF JAMES (jjames@windowsitpro.com) is Editor-in-Chief, 
Web Content Strategist for Penton Media's IT Publishing Group. He 
specializes in server OSs, systems management, and server 
virtualization. 
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Fixing an IT Annoyance 

I read Michael Dragone's "Fixing Network 
Problems"(January 2009, InstantDoc 
I D 100660) and wanted to address the 
infamous Microsoft Internet Explorer (IE) 
problem of not connecting to the Internet 
when the user invokes a web page. The 
problem is definitely annoying. To resolve 
the problem, I reinstalled IE 6.0 (the version 
I was using at the time). The reinstalla¬ 
tion involved going to %systemroot%\inf 
and locating the ie.inf file. I right-clicked 
the file and clicked Install. The installation 
prompted me for the Windows CD's i386 
folder; I copy mine locally each time I build 
a machine, so I had it immediately available. 
After the installation and reboot, I didn't 
experience any Internet Explorer cannot 
open the Internet site <web address> mes¬ 
sages. Give this fix a shot; it might fix your 
IT annoyance. 

—David Lawrence 

Real-World Solutions 

Michael Morales's What Would Microsoft 
Support Do? columns are exceptional. He 
presents real-world, practical solutions 
to problems I face every day. I recently 
experienced two problems that he cov¬ 
ered in recent columns: one involving 
Windows Management Instrumentation 
(WMI) that a Microsoft patch resolved, 
and one involving a memory leak that 
caused physical and virtual memory to 
max out. "Resolve Memory Leaks Faster" 
(InstantDoc I D 99933) was a tremendous 
help with the second problem. I now go 
directly to this column when my issue of 
Windows IT Pro arrives. 

—Todd Lester 

Thanks for sharing your appreciation for my 
column! All of us in Escalation Services at 
Microsoft share a strong passion to help people 


solve their problems 
and avoid the dreaded 
support call. However, in 
the real world, a support 
call is often inevitable, 
so one of our goals is to 
arm you with the right 
data that makes the 
experience short and sweet! It's great to hear 
that the column is hitting home. Feel free to 
send me any suggestions for future articles! 

—Michael Morales 

Evangelizing Vista? 

Is Mark Minasi still evangelizing Windows 
Vista for businesses even after corporate IT 
has soundly rejected it? Not one of his "10 
Reasons to Deploy Windows Vista" (Novem¬ 
ber 2008, InstantDoc I D 99986) is a business 
driver. These reasons make much more sense 
for consumers than for businesses. 

—Barry Hohstadt 

Thanks for reading, Barry. When the magazine 
asked me to contribute to its "point/counter¬ 
point" article about deploying Vista, I knew the 
editors would have trouble finding someone to 
cover the "pro-Vista" side, so I chose to write it. 

I must object to your statement that corporate 
IT has rejected Vista. 

I've been extremely 
busy over the past two 
years working with 
clients adopting Vista. 
Regarding my article's 
list of 10 items, you can 
accomplish most of 
those functionalities 
with Windows XP SP3 only by adding a bunch 
of costly third-party software, so I think that at 
least a look at Vista—which bundles a lot of 
useful stuff—is warranted. ^ 

—Mark Minasi 

InstantDoc ID 101293 




Windows IT Pro welcomes feedback about the magazine. Send comments to letters@windows 
itpro.com, and include your full name, email address, and daytime phone number. We edit all 
letters and replies for style, length, and clarity. 


Cloud Computing: 

Storm Brewing 

In his "Cloud Computing" editorial (Janu¬ 
ary 2009, InstantDoc I D 100943) , Jeff 
James asks for reader opinions about 
the debate. Everything I've read about 
cloud computing supports my view that 
it's simply the latest iteration of plain old 
mainframe computing. This isn't the first 
time people have declared the end of the 
desktop/client-server model. Remember 
the noise a few years ago about thin 
clients? 

The marketing argument that busi¬ 
nesses should outsource their cloud 
sounds nutty to me and many others. 
Clouds need to stay in house. IT is core 
business. The idea of giving up custody 
of your data, your customer lists, prod¬ 
uct design files, and so on isn't going 
to appeal to many people. Would you 
outsource your financial planning or 
middle management? Would GM give 
up its design groups or assembly plants 
to a third party that says, "Trust me"? 

If there's a place for cloud computing, 
it's more wisely limited to single office 
organizations, particularly for web-based 
applications. 

Nobody is talking about the impact 
on the WAN of this centralized process¬ 
ing. My agency has about 5,000 users. 

We have 800 in the central office and 
about 175 at a number of regional 
offices. Everyone else is at a location that 
has from 2 to 40 users. Eighty percent 
of us are on the WAN. We have Fibre 
Channel links (that we own) to a few of 
the closer units. Everyone else uses aTI, 
Multiprotocol Label Switching, DSL, or 
cable. Some people are still on dial-up 
because their remote rural site has no 
other option. 

With so many sites, one of them is 
down virtually every day. With cloud 
computing, that site would be out of 
business for the duration, whether 30 
minutes or three days. When I started in 
IT, we had three VAX terminals sharing a 
1200-baud phone line to the mainframe. 
Never again. 

—Tom Doran 
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Build a Secure and Compliant 
Windows Desktop 

Organizations are being compelled 
to improve client security—auditors, 
regulators, and business-unit owners 
recognize the threat unsecured desk¬ 
tops pose and the need to comply 
with current regulations. The chal¬ 
lenge is to maintain user productiv¬ 
ity in the process. Simply removing 
administrator rights from end users 
may be the Holy Grail of desktop 
security, but doing so can have an 
impact on the everyday activities 
of end users trying to do their jobs. 
Register now for this important event 
and learn how to implement the cli¬ 
ent security your organization needs. 
windowsitpro.com/go/SecureDesktop 


Maximize Your SharePoint 
Investment 

In this web seminar, we'll take a look 
at the complex business of secur¬ 
ing, accessing, and managing vast 
amounts of information in a global 
network. With true bidirectional 
replication of SharePoint content 
from one server to another, you can 
enable branch offices and remote 
sites with challenged network con¬ 
nections to maintain immediate 
access to current SharePoint content 
even in failover scenarios. 
windowsitpro.com/go/Maximize SharePoint 


Are You Ready to Deploy SQL 
Server 2008? 

With a migration to SQL Server 2008, 
there is the risk that the server will 
not perform well at deployment. This 
essential guide explains how analyz¬ 
ing your disk, memory, and processor 
requirements can help you develop 
a migration plan that will make your 
deployment an immediate success. 
Download this essential guide to 
learn what you need to do before 
implementing SQL Server 2008. 
windowsitpro.com/go/SQLReady 


www.windowsitpro.com 


Humphries 
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Stay off the Security Snafus List 

Seal up security cracks with resources from 
Windows IT Pro 


I n his January 2009 web-exclusive 
article "Top Ten Infosec 'Oops!' of 
2008" (InstantDoc I D 101205) , Tony 
Howlett lists the biggest screw-ups 
of last year. While I mocked accord¬ 
ingly the Spores amoeba's evolution 
dissolution and the Zune's Christmas-time 
crash, I couldn't find fun in the folly of 
11,348,196 compromised private records— 
in 687 separate incidents. 

Tony asks, "Is it wishful thinking to 
hope it will be better in 2009?" I say that 
wishes can come true. To keep you off of 
his naughty list for 2009, I've made a list of 
my own. Check out these must-see security 
resources, and seal up the cracks in your 
organization before it's too late! 

• "A 5-Step Security Plan" (InstantDoc ID 
101128) . With the matter-of-fact tagline 
"Tt can't happen here' is no excuse," 
this web-exclusive article summarizes a 
security seminar's advice into an easy- 
to-follow plan for your organization. 

• "Ease Security Headaches" (InstantDoc 
ID 100724) . Russell Smith reviews com¬ 
mon security aggravations and offers 
suggestions for how to handle them. 

• "Lumension Survey Notes Top Threats" 
(InstantDoc ID 101077) . Find out the top 
security concerns from a recently posted 
trends survey and read more about the 
survey results with picks from security 
editor Lavon Peters. 

• "Top Ten Net-Surfing Risks at Work" 
(InstantDoc ID 100622) . Tony Howlett 
warns of the most dangerous Internet 
activities for the workplace and gives me 
at least four things to feel guilty about. 

• Vista Security, Parts 1 and 2 
(windowsitpro.com/go/ITTV/Vista 

SecurityPartl and windowsitpro.com/ 
go/ITTV/VistaSecurityPart2). 


February Web Offerings 
You'll Admire 

• Tips to secure Hyper-V (InstantDoc ID 
100942) 

• Learn howto clear the Outlook list 
of recently accessed folders of other 
users, plus find out what happens 
when a cached mode client limits 
the .ost file to a size smaller than the 
mailbox size (InstantDoc IDs 101095 
and 101096) 

• Explore how Active Directory security 
group memberships are replicated, 
how to change the default location 
for new user and computer accounts, 
and information about remote net¬ 
work ports (InstantDoc IDs 101227, 
101228,101229) 

• Does SafeHTML really make viewing 
HTML documents safe? (InstantDoc ID 
101245) 

Find more free and VIP-only web arti¬ 
cles at www.windowsitpro.com! 


Windows Vista has been touted as 
Microsoft's most secure OS ever. Karen 
Forster interviews Microsoft product 
managers about Vista's built-in security 
features. 

• Security UPDATE. Learn how to avoid 
or fix Windows security risks and 
attacks with highlighted feature articles 
and tips in this free weekly email 
newsletter. To subscribe, go to windows 
itpro.com/email. 

To view more security articles, see the 
Security topic page at windowsitpro.com/ 
windowssecurity. 

InstantDoc ID 101213 
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Thurrott 

"Server 2008 R2 breaks all the R2 rules. 
And that's OK with me." 


NEED TO KNOW 


Windows Server 2008 R2 Beta 

A more compelling update than originally anticipated also prompts some questions 


I n late 2009, Microsoft will ship Windows Server 2008 R2. As 
a follow-up to Windows Server 2008, Server 2008 R2 shares 
much, technologically, with its predecessor. However, unlike 
most R2 releases, Server 2008 R2 is not only a more compel¬ 
ling update than what was originally anticipated but also 
prompts some questions. Here's what you need to know about 
Windows Server 2008 R2 Beta. 

Not Your Average R2 

Microsoft instituted its R2 naming scheme—and the resulting major- 
minor release cadence for Windows Server—with Windows Server 
2003 R2. That release was intended to set the stage for future R2 ver¬ 
sions, but many of its most impressive intended features were in fact 
delayed until Windows Server 2008. Ironically, with Server 2008 R2, 
Microsoft is packing in so many features that it risks alienating some 
customers. 

The problem is that R2 releases aren't supposed to break the 
application and driver compatibility models set by their major- 
release predecessors. And with Windows Server 2008 R2, Microsoft 
is attempting to do something it hasn't done since Windows 2000: 
Develop major releases of its Windows client and server products 
side by side. Doing so offers certain "better together" advantages. But 
it also breaks compatibility because the kernel and other low-level 

OS code must be aligned for both 
releases. The result is that Server 
2008 R2 is, in many ways, a fairly 
major upgrade to Microsoft's 
server OS. 

One of the missions of R2 
releases in general is to supply 
up-to-the-minute support for 
next-generation technologies. So 
it stands to reason that those cus¬ 
tomers who would be interested 
in the many new Server 2008 R2 
technologies are most likely OK 
with a compatibility break this 
time around. And many of them 
will likely be interested in R2's 
client stablemate, Windows 7, as 
well. Rightly so: Windows Server 
2008 R2 is Windows 7 Server. 
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Notable New Features 

Windows Server 2008 R2 brings numerous new features to the Win¬ 
dows Server product line. Here are some of the more notable. 

Hyper-V 2.0 with Live Migration capabilities. Server 2008 R2 
includes the second-generation version of Microsoft's Hyper-V virtu¬ 
alization platform, which brings the long-awaited Live Migration func¬ 
tionality. In Server 2008, it was possible to migrate virtual machines 
(VMs) from host to host with just a litde downtime; now, as long as you 
have failover clustering, VM migration will be nearly instantaneous 
and will result in no downtime for users. 

Remote Desktop Services (next-generation Terminal Services). At 
one time, Microsoft believed that most of the functionality in its Termi¬ 
nal Services (TS) technologies would be subsumed by its Hyper-V vir¬ 
tualization efforts, but the company now realizes that customers prefer 
a choice when it comes to virtualization. With Server 2008, the software 
giant began referring to TS as "presentation virtualization" to put it in 
line with its other virtualization solutions. In R2, these technologies are 
expanded and renamed Remote Desktop Services (RDS). 

Some of the changes in RDS are simply branding. TS RemoteApp 
becomes RemoteApp. TS Gateway becomes Remote Desktop Gate¬ 
way. TS Session Broker is now Remote Desktop Connection Broker. TS 
Easy Print is Remote Desktop Easy Print. And TS Web Access becomes 
Desktop Web Access. New to R2 is Desktop Connections, which inte¬ 
grates RemoteApp applications into the user's Start menu for a truly 
integrated experience. This feature requires Windows 7 on the client. 
The low-level Remote Desktop protocols have also been improved 
in R2 with such features as true multimonitor support, multimedia 
redirection, audio input and recording, Aero Glass support, DirectX 
redirection, and language bar redirection. 

Server Manager. Microsoft's all-in-one admin tool is finally being 
updated. It will support remote server management. 

Windows PowerShell 2.0. Although Server 2008 included the initial 
release of the PowerShell command-line and scripting environment, it 
was almost a science experiment: Administrators were expected to roll 
their own PowerShell administrative scripts or find them online. Server 
2008 R2 begins the long march to a PowerShell-based administrative- 
tools future. R2 includes PowerShell 2.0 as well as dozens of pre-made 
administrative cmdlets. Additionally, far more of the OS, including 
RDS, is now scriptable in PowerShell. And PowerShell 2.0 lets you run 
scripts on multiple remote computers if necessary. 

Active Directory Administrative Center. The first major Pow¬ 
erShell-based admin console to appear in Windows Server, Active 
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2008 R2, 
Microsoft is 
packing in 
so many 
features that 
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NEED TO KNOW ■ 


Directory Administrative Center is a task- 
based UI built entirely on cmdlets, similar to 
the Exchange Server 2007 admin console. It 
offers a three-pane view similar to Microsoft 
Management Console with common Active 
Directory (AD) administrative tasks on the 
left, tasks on the right, and the currently 
selected tool in the middle. Customers can 
expect more Windows admin tools to “go 
PowerShelT in the future, modeled after the 
AD Administrative Center. 

.NETandASP.NET in Server Core. Server 
Core has proven to be one of the most well- 
regarded features of Server 2008, but custom¬ 
ers asked for a few additional roles, one of 
which, the Microsoft Internet Information 
Services (IIS) web server, was only partially 
implemented in that release. For R2, a subset 
of the .NET Framework has been added to 
Server Core, and with it comes support for the 
full IIS web server experience, including ASP 
.NET. In R2, Server Core can also run Power- 
Shell scripts for the first time. 

Integrated IIS extensions. Server 2008 
supports the notion of extensions for IIS. 


But extensions are hard to find—they're 
available only on the web, and many admins 
don't know they exist. 

Massive scalability with better multicore 
support. Server 2008 R2 will support up to 
256 logical processor cores, a huge improve¬ 
ment over its predecessor's support for 64 
cores. Further, Hyper-V-based VMs can now 
address up to 32 logical processors per VM. 

Server 2008 R2 Features That 
Require Windows 7 

Server 2008 R2 also includes features that 
work with Windows 7 on the client. None 
of them are as fundamental and game- 
changing as were AD and Group Policy in 
Windows 2000, but the resulting stream¬ 
lined, more easily administered environment 
could, I feel, cause many enterprises to pull 
the trigger on Windows 7 as well. 

DirectAccess. DirectAccess is similar to the 
HTTPS-based Microsoft Outlook Web Access 
gateway to Exchange and provides a simple 
way to let external users use your intranet 
without setting up an expensive and complex 


VPN. From the user's perspective, network 
access is transparent and works as if the user 
is physically connected to the network. (For 
customers who stick with VPNs, R2 includes a 
VPN Reconnect feature, which automatically 
reconnects users to disconnected VPNs.) 

BranchCache. Aimed at branch offices, 
BranchCache caches network traffic between 
the home office and the branch. If a user at the 
branch requests information that has already 
been accessed over the WAN, that user will 
receive the local, cached copy instead. 

BitLocker to Go. The BitFocker Drive 
Encryption feature from Windows Vista and 
Sever 2008 provided a way to encrypt full 
disks, but these disks had to be directly con¬ 
nected to the system via conventional ATA or 
Serial ATA (SATA) connections. R2 supports 
removable USB and external SATA storage 
via a new BitFocker To Go feature. This fea¬ 
ture still requires specific Trusted Platform 
Module (TPM) hardware support. 

Power management. Because both Server 
2008 R2 and Windows 7 can natively monitor 
and autoconfigure power management at a 
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■ NEED TO KNOW 


Because Server 2008 R2 breaks 
compatibility with its predecessor, it's 
not the simple proposition that 
Windows 2003 R2 was. 


far more granular level than their predeces¬ 
sors, power management features have been 
added as a server admin function. These fea¬ 
tures are implemented through a collection of 
new Group Policy Objects (GPOs). 

Desktop Connections. As I discussed 
earlier, Desktop Connections integrates with 
RemoteApp to allow RDS-based applications 
to appear in the user's Start menu and thus 
behave like native applications. 

64-Bit Installation 

Although Server 2008 R2 ; s system require¬ 
ments are similar to those for Server 2008, 
Microsoft had previously announced that R2 
would be made available only in 64-bit edi¬ 
tions. Because new server hardware is 64-bit 
these days, R2's 64-bit-only architecture won't 
be a problem for new installations. But it 
might cause problems with upgrades: Micro¬ 
soft doesn't support in-place upgrades from 
32-bit Windows to 64-bit. Organizations run¬ 
ning 32-bit versions of Server 2008 will need 
to perform clean installations of R2. Those 
with 64-bit versions can upgrade in place. 


Timing and Availability 

A beta version of Server 2008 R2 is now 
available, and you should use that feature- 
complete version of the product to evalu¬ 
ate when to begin rolling out this system. 
According to Microsoft, Server 2008 R2 
will ship at roughly the same time as Win¬ 
dows 7, which puts the new OS's release to 
manufacturing date some time in late 2009. 
Licensing will be identical to Windows 
2003, and Software Assurance customers 
will get Server 2008 R2 as part of their ongo¬ 
ing subscriptions. 

It's OK to Break the R2 Rules 

Because Server 2008 R2 breaks compatibil¬ 
ity with its predecessor, it's not the simple 


proposition that Windows 2003 R2 was. That 
said, it's hard to imagine the market not 
being excited about some of R2's new func¬ 
tionality, and those who opt to roll out R2 
and Windows 7 simultaneously—an unlikely 
scenario, I know—will see even more benefit. 
Server 2008 R2 breaks all the R2 rules. And 
that's OK with me. Whether it is for you will 
depend, of course, on your needs. ^ 

InstantDoc ID 101225 


PAUL THURR0TT (thurrott@windowsitpro 
.com) is the news editor for Windows IT Pro. 

He writes a weekly editorial for Windows IT Pro 
UPDATE (www.windowsitpro.com/email) and a 
daily Windows news and information newsletter 
called Winlnfo Daily UPDATE (www.wininformant 
.com). 



.tockYour ITToolbox with All theToolsYou Need! 


*Rates vary outside the U.S. 


With a Windows IT Pro VIP subscription, you’NTeceive: 

■ Every solution ever printed in Windows IT Pro and SQLS ery^ Mdga 
(over 26,000 articles!) 

■ Bonus Web-exclusive content on hot topics such as Sefffil tl^ffll 

Scripting, SharePoint, & more ^gg&Sj 

■ A 12-issue (1-year) print subscription to your choice pf ^jS 
Windows IT Pro or SQL Server Magazine] 

■ The convenient VIP CD (updated and mailed 2x/year) ^ 

a $500 value— Yours for only $199*! VI 

B volume n 


vipcd 


Equip yourself today at 

www.windowsitpro.com/go/StockMyToolbox 


He bthm ircfom 

epmoinisidyflij 

'iW 


10 MARCH 2009 Windows IT Pro 


We're in IT with You 


www.windowsitpro.com 















WINDOWS POWER TOOLS 


Minasi 

"I miss boot.ini's simplicity, but BCD 
and Bcdedit are here to stay." 



Bcdedit Basics 

Control your Windows Server 2008 and Windows Vista boot options 


A nyone who uses Windows Server 2008 or Windows Vista 
knows that these latest Windows versions have brought 
some significant changes to Microsoft's OSs. One of 
these changes is the way you control Windows' boot 
loader, the software that supports storing more than 
one OS on a drive and that lets you configure the way 
Windows boots. With this change comes a new tool—Bcdedit—that 
anyone who administers Server 2008 or Vista systems must master. 

Prior to Vista, we controlled boot order and boot options by 
modifying the bootini text file at the root of the C drive. To change 
the boot-loader behavior of pre-Vista systems, we needed nothing 
more complex than Notepad and the knowledge of how to un-set 
bootini's "read only" component. Now, Microsoft has replaced boot 
.ini with a binary file called BCD, which resides in a hidden system 
folder called \boot on whatever drive you boot your system from. 
Bcdedit is the tool you'll use to control BCD. 

Boot Alterations 

The BCD boot-loader structure introduces some new terminology. 
Whereas a bootini file might have several sections that let you boot 
a particular OS with specific options, Bcdedit has boot entries. A new 
Server 2008 or Vista installation has just one boot entry, but if you 
add an OS—for example, if you install both Server 2008 and Vista 
on the same system, or if you have only one OS on your system but 
want the option to boot that OS with different startup or debugging 
settings—you'd have more than one boot entry. You can see your 
boot entries by opening an elevated command prompt and typing 

bcdedit /v 

The top section of the output that Web Figure 1 (www.windows 
itpro.com, InstantDoc ID 101168) shows—labeled Windows Boot 
Manager—contains global information: which boot entry boots by 
default, how long users have to choose a non-default boot entry, and 
so on. Below that, Bcdedit displays two boot entries labeled Windows 
Boot Loader. The first boots a copy of Server 2008 (as you can see in 
the description line), and the second boots Vista. 

Notice that Bcdedit /v shows a lot of long hexadecimal strings 
enclosed in brackets—you probably recognize these as globally unique 
identifiers (GUIDs). You can safely ignore most of these GUIDs, but pay 
special attention to the first one in each boot entry, labeled identifier. 
You need these GUIDs when you inform Bcdedit which boot entry to 
make the default, in what order to display the boot entries, which boot 


entries to copy, and so on. If you're like me, you'll find yourself feeling 
thankful that you can mark text and put it into the clipboard. 

To tell BCD which boot entry to load by default, you use the 
Bcdedit /default command. For example, to tell my system to boot 
the Server 2008 boot entry, I would type 

bcdedit /default {6443870f-Bc0c-lldd-835a-c0389998b4ec} 

If you can't imagine typing or even copying those GUIDs, you'll be 
glad to know that Bcdedit recognizes two well-known GUIDs: The 
{current} value is the boot entry that the OS is currently running, 
and the {default} value is whatever boot entry BCD currently knows 
about. 

If I were to delete the \Windows folder from the Server 2008 
installation on my system's E drive, I would essentially uninstall 
Server 2008 from my system. But BCD wouldn't know that, so every 
time I booted my system, I'd see a useless option to boot Server 2008. 
To configure BCD to no longer show the Server 2008 option, I’d use 

bcdedit /delete {6443870f-3c0c-lldd-835a-c0389998b4ec} 

If you're thinking about trying some of these commands, I recom¬ 
mend creating an extra boot entry to play with. Believe me, you don't 
want to accidentally delete your main OS's boot entry! To copy your 
boot entry for test purposes, you can use the command 

bcdedit /copy {current} /d “Test entry” 

Note that I've added the mandatory switch /d, which lets me add a 
name for the new OS boot entry. 

Whenever I set up a Windows NT 3.1 or later system, I find boot 
.ini's default 30-second wait to be excessive, unacceptably slowing 
down my boot times. So, I always like to modify the “timeout=30" 
value to 5 seconds. To do the equivalent in Bcdedit, I type 

bcdedit /timeout 5 

Familiarize Yourself 

I miss bootini's simplicity, but BCD and Bcdedit are here to stay, so 
I recommend spending a little time getting familiar with Bcdedit. I'll 
cover more in-depth options next time. ^ 
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Otey 

"It seems like SharePoint sites are popping up 
faster than hair on a time-lapsed Chia Pet." 


SharePoint FAQs 

These Q&As explain the basics of SharePoint and how you might use it 


M icrosoft SharePoint is one of the fastest growing IT 
technologies today. It seems like SharePoint sites 
are popping up faster than hair on a time-lapsed 
Chia Pet. But not everyone is on the SharePoint 
bandwagon. If you've held back because you 
aren't quite sure what SharePoint is and how you 
might use it, this column answers some of your questions. 


O Why should I use SharePoint instead of a file share?— 

SharePoint supports document version control, which lets 
users check out documents for modification, then check 
them back in. Users can see the status of documents and who has 
them checked out and can receive notification when a document 
is changed. SharePoint also saves each version of each document, 
making it possible to restore a document to a previous state. 


O What is SharePoint?—Both Windows SharePoint Services 
(WSS) 3.0 and Microsoft Office SharePoint Server (MOSS) 
2007 enable online document sharing and collaboration. WSS 
3.0 is a free download from Microsoft's website and MOSS 2007 is a 
licensed server product. 

O What's the difference between the two?—Both products 
include blogs, wikis, shared calendars, and document sharing, 
but MOSS provides additional enterprise-oriented features, 
including Enterprise Portal site templates, a My Site personal site 
for individual users, RSS content syndication, and mobile-device 
support. A detailed list of the differences is at office.microsoft.com/ 
en-us/products/fxl01758691033.aspx. 


O What are the WSS 3.0 requirements?—The recommended 
system requirements for WSS 3.0 are a 2.5GHz CPU, 1GB of 
RAM, and 3GB of free disk storage. WSS runs on Windows 
Server 2003 with SP1 or higher. Windows 2003 systems must run 
Microsoft Internet Information Services (IIS) 6.0 or later; Windows 
Server 2008 requires IIS 7.0. WSS also requires .NET Framework 3.0 
or later. Administration requires Microsoft Internet Explorer 6.0 or 
later with the latest service pack. 

O Do I need Microsoft SQL Server to use SharePoint?—You do, 
but SharePoint installs what it calls Windows Internal Database— 
actually SQL Server 2005 Express—which is free. SharePoint 
also works with SQL Server 2000 SP4, SQL Server 2005 SP2, and SQL 
Server 2008. (Using SQL Server 2008 requires WSS 3.0 SP1.) 

O What types of documents does SharePoint allow collabora¬ 
tion on?—SharePoint lets you collaborate with all the com¬ 
mon document formats in the Microsoft Office suite, including 
Word, Excel, and PowerPoint. SharePoint also supports collabora¬ 
tion through wikis, blogs, shared calendars, and tasks. 


O Do I have to program in .NET to develop SharePoint sites?— 
No. SharePoint itself is actually an ASP.NET application, but 
neither WSS nor MOSS requires any programming to create 
and manage sites. However, developers can enhance the function¬ 
ality of SharePoint with Web Parts, which are essentially ASP.NET 
custom controls. 

O Where do I find SharePoint? You can download both 
the 32-bit and 64-bit versions of WSS 3.0 from technet 
.microsoft.com/en-us/windowsserver/sharepoint/bb400747 
.aspx. WSS 3.0 SP1 is at www.microsoft.com/downloads/details 
.aspx?familyid=4191a531-a2e9-45e4-b71e-5b0bl7108bd2. Y ou can 
download a trial version of MOSS 2007 from www.microsoft 
.com/downloads/details.aspx?familyid=2e6e5a9c-ebf6-4f7f-8467- 
f4de6bd6b831. 


O How do I get started building WSS sites?—You can build basic 
sites from scratch by using built-in menu options. However, 
one of the best ways to get up to speed quickly is to use Micro¬ 
soft's WSS application templates, which give you a variety of prebuilt 
sites as well as showing you some of the things you can do with WSS. 
There are about 40 templates you can download at technetmicrosoft 
.com/en-us/windowsserver/sharepoint/bb407286.aspx. These tem¬ 
plates can also be used with MOSS. 




What's a good resource for learning more about SharePoint?— 

1 One of the best SharePoint resources is Windows IT Pro's own 
Office & SharePoint Pro website. The Office & SharePoint Pro 
site has a plethora of technical articles as well as blogs, forums, and 
videos. You can find it a t www.officesharepointpro.com. ^ 
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Next-Generation Enterprise Backups 

R1 Soft Continuous Data Protection®,Tools for Windows & Linux 

**Maximum Protection at a Lower Cost Per Server** 
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CDP Server 
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CDP for MySQL Add-on True-Granular Restore™, Bare-Metal Restore for MySQL databases, Store more than 
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CDP Archive Add-on: Allows users to extract data from their Disk Safes and save this data to the specified 
destination. Single files, multiple files, or an entire Recovery Point can be extracted. 
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WHAT WOULD MICROSOFT SUPPORT DO? 


Morales 

"You should regularly collect baseline 
performance data on your most 
essential servers." 



Get a Handle on Windows Performance Analysis 

Use free tools to collect and easily analyze Performance Monitor data 


A s an administrator, you probably know firsthand that 
manually analyzing Performance Monitor logs is a 
time-consuming process. I'll tell you about some tools 
that Microsoft support uses for system performance 
analysis—tools that can help you more easily and 
effectively analyze your systems' performance and 
troubleshoot performance problems. Each of these tools performs 
one of the two main performance-analysis tasks: data collection or 
data analysis. 

Data-Collection Tools 

Performance Monitor Wizard (perfwiz.exe) simplifies the process 
of gathering Performance Monitor logs on Windows Server 2003, 
Windows XP (x86 only), and Windows 2000 systems by configuring 
the correct counters to collect and suggesting the most appropri¬ 
ate sample intervals and log-file sizes. You can download Perfor¬ 
mance Monitor Wizard at www.microsoft.com/downloads/details 
.aspx?familyid=31fccd98-c3al-4644-9622-faa046d69214. 

Logman.exe is a built-in Windows command-line tool that man¬ 
ages and schedules performance counter collections on local and 
remote systems and runs on Windows Server 2008, Windows Vista 
(x86 and x64), Windows 2003, and XP. You can find information 
about Logman syntax and examples of usage at technetmicrosoft 
.com/en-us/library/cc755366.aspx. 

Here's an example of how you'd use logman.exe from the com¬ 
mand line to generate a Performance Monitor log called High-CPU- 
Perf-Log and configure it to capture data at 5-second intervals: 

Logman.exe create counter High-CPU- 
Perf-Log -f bincirc -v mmddhhmm 
-max 250 -c "\LogicalDisk(*)\*" 

"\Memory\*" "\Network Interface(*)\*" 

"\Paging File(*)\*" 

"\PhysicalDisk(*)\*" "\Process(*)\*" 

"\Redirector\*" "\Server\*" 

"\System\*" "\Thread(*)\*" 

-si 00:00:05 

(Be sure to type the entire command all on 
one line without the line breaks shown in the 
example above.) 

Executing the logman.exe command 
generates a .big file. To view this file, open 


Performance Monitor and navigate to the Data Collector Sets folder, 
as Figure 1 shows. 

I recommend you reboot your server before starting a Perfor¬ 
mance Monitor log and let the log run from reboot until the condi¬ 
tion you're tracking (e.g., system hang, sluggishness) occurs. Letting 
the Performance Monitor log collect data until the problem recurs 
ensures that the log captures all relevant data about your problem. 
Gathering as much data as possible in the log will improve the reli¬ 
ability of the analysis. Rebooting first, then starting the Performance 
Monitor log helps you identify trouble spots because you can see the 
resource consumption (memory, CPU, and disk) from the beginning, 
when things are presumably running normally, all the way through 
the problem period. 

You should collect baseline performance data regularly on your 
most essential servers. Doing so could help you prove or disprove 
that a problem exists. Although Microsoft provides performance 
guidelines, it's difficult to know what's typical for your environment 
unless you have baseline data. Certain performance statistics can 
be falsely blamed as the culprit responsible for a new problem, but 
having a baseline of data that was collected before a new problem 
occurs will help keep the focus off irrelevant statistics. (You can 
find guidelines for gathering baseline data at technetmicrosoft 
.com/en-us/library/cc781394.aspx.) 

Data Analysis 

A tool that Microsoft support relies on to analyze Performance 
Monitor logs is the Performance Analysis of Logs (PAL) Tool, 
available at www.codeplex.com/pal. PAL lets you easily analyze 
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Figure 1: Viewing the .big file generated by logman.exe 
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■WHAT WOULD MICROSOFT SUPPORT DO? 



Figure 2: Sample PAL analysis report showing Handle Leak alerts 



Figure 3: Handle Leak Detection alert explanation 

Performance Monitor logs without requir¬ 
ing you to be an expert in performance 
counters or Windows architecture. 

PAL contains a wizard-based UI that 
asks specific information about the sys¬ 
tem, which PAL passes as arguments to 
a VBScript program. PAL picks up where 
other log analyzers leave off, such as taking 
into account whether the system is 64-bit or 
32-bit, whether the /3GB switch is used, and 
how much physical memory is installed—all 
variables that affect system performance. 
PAL uses these variables along with known 
thresholds, which were determined by engi¬ 
neers with years of experience, to analyze 
the log data. PAL provides a chronological 
order of alerts, so that you can correlate your 
system's performance to any problems that 
you noticed at specific times. 

PAL also can provide application- 
specific analysis for applications such as 
Microsoft BizTalk Server, Microsoft Exchange 
Server, and others. So as an administrator 
wearing several hats, you can have appli¬ 
cation-specific performance data analyzed 
without being an expert in an application's 
performance counters. PAL can make your 
life easier by providing analysis for baseline 
data when performance is typical or to help 
pinpoint the root cause of a performance 


problem when one occurs. 

PAL's user-friendly UI walks you through 
the few steps necessary to start the analysis 
process. The analysis report that PAL gener¬ 
ates is an .html file that's stored by default 
under the \My Documents\PAL Reports 
folder. The report contains hyperlinks and 
graphs that enable easy interpretation and 
navigation, and the file's portability lets you 
easily store it in a convenient location. 

Using PAL 

An example of where PAL saved the day 
came when a customer received a Micro¬ 
soft Operations Manager (MOM) alert that 
detected that all BizTalk services had gone 
offline on one of the customer's BizTalk 
servers. Remotely connecting to the server 
wasn't possible. However, since the server 
was in a cluster, the event logs were repli¬ 
cated, revealing the following error at the 
time the BizTalk server went offline: 

Event Type: Error 
Event Source: Srv 
Event Category: None 
Event ID: 2019 

Description: The server was unable to 
allocate from the system non-paged 
pool because the pool was empty. 


The error explained why remote connec¬ 
tions to the server weren't possible but 
didn't explain the problem's root cause. 

The customer solved the immediate 
problem by rebooting the server, which then 
resumed participating in BizTalk transac¬ 
tions. But we needed to understand what 
caused the failure. To do so, our first step 
after the reboot was to capture a Perfor¬ 
mance Monitor log. Then we copied the 
.big file to our workstation for analysis and 
loaded the file into the PAL wizard to gener¬ 
ate an analysis report. Using the previously 
mentioned event log error, we scrolled down 
to view the alerts in the report's memory 
section and noticed 31 Handle Leak Detec¬ 
tion alerts, as Figure 2 shows. 

Clicking the Handle Leak Detection 
hyperlink displayed an easy-to-read graph, 
which revealed that more than 340,000 han¬ 
dles were consumed by a single process. 
Additionally, we clicked the Chronological 
Order link near the top of the report (not 
shown in Figure 2), which displayed the 
explanation of the alert shown in Figure 
3. When we checked with the vendor for 
updates, we found one that the customer 
had not applied. After the update was 
applied, the problem was solved. The pro¬ 
cess that PAL alerted us to turned out to 
be the problem with this particular server. 
Bingo! No more leaking handles, and no 
more alerts from MOM indicating that Biz¬ 
Talk processes were offline. 

Performance Analysis Insight 

These tools and the guidance I've pro¬ 
vided for using them should give you some 
insight into managing the process of system- 
performance analysis. This knowledge 
can help you better understand how your 
systems typically perform and, if you do 
encounter a performance problem, help you 
to resolve it by employing tools that are both 
free and easy to use. ^ 

InstantDoc ID 101162 
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.com) is a senior escalation engineer for Micro¬ 
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Special thanks to Kent Weare, a Microsoft 
MVP who contributed to this article. 
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Ensim Unify makes 
Active Directory 
virtually unbreakable 



By David Chernicoff 


When corporate finances get tight, IT execs must find ways to 
provide improved efficiency and more effective service delivery 
with their existing resources. Tools that allow IT to deliver this 
improved efficiency move from the “nice-to-have” to the “must- 
have” category. While staffing might be reduced and hiring 
curtailed, IT tasks don’t get reduced, and quite often continue to 
grow, even during an economic slowdown. Here are our top tips for 
addressing the needs of IT in a down economy. 


1 Minimize or eliminate manual processes 

While there are always tasks that will require hands-on IT 
intervention, take a step back and examine which of your processes 
are suitable candidates for automation. Any multi-step task that 
requires direct IT intervention is a good candidate, while your prime 
candidates are those tasks that are repetitive. Basic tasks such as account 
creation, password changes, distribution list management, and access control 
changes all lend themselves to automation with the right tool. Such tasks can 
take up a surprising amount of IT time, even though the individual tasks are 
considered simple and easy to do. When you add up the amount of time IT staff 
spends on these “simple” tasks the value of automating them becomes apparent. 


Microsoft 




www.ensim.com 
+ 1.408.496.3700 
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Give end-users the ability to help themselves 

Delegating responsibilities through self-service can move common 
tasks off of the plate of the IT staff. Allowing departments such as 
I HR to provision or de-provision users based on IT policy means 
that this becomes part of the standard HR task list for the hiring 
or exit process, removing the IT staff as a potential bottleneck in the HR 
processes. Making tasks like password management or Exchange distribution 
list management the responsibility of designated users within individual business 
departments enables those departments to make changes when they need them 
and takes IT out of the day-to-day loop for these simple, common, tasks. 


S Automate and delegate policy management and delivery 

Using a granular, roles-based administration strategy means that 
common tasks can be pushed down to the appropriate level, 
allowing low-level IT staff, business managers, or even end-users 
to handle rote administrative tasks that would otherwise require 
expensive and limited IT resources. Good tools that allow simple, Web-based 
administration make this type of task assignment possible for IT as the tool user 
is shielded from the complexities of the task that would otherwise require specific 
IT skills to complete. 
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4 Allow flexible service delivery 

Cloud computing techniques have begun to establish their place 
in day-to-day business operations. With reliable and effective on¬ 
premises provisioning and access management controls for these 
types of applications, IT can smoothly integrate these technologies 
with their existing business workflow processes. The right tool is critical to 
making this possible and allows the IT department to deliver exactly the right 
combination of services to the end user. 



5 Simplify and perform regular Active Directory 
maintenance 

Cleaning up the Active Directory is a regular maintenance task 
required of IT organizations. Unfortunately, it is one that rarely gets 
performed often enough, and when IT gets around to it—usually 
on a quarterly basis—the directory is chock full of orphaned accounts, outdated 
access rights controls, and unexpected security problems. Trying to handle this 
AD maintenance nightmare, either manually, or with custom scripted solutions 
without full audit trails, tends to be a complex and time-consuming task. Often 
it’s one that’s not completely successful, leaving potential security holes and 
AD issues that need to be addressed eventually. Having tools to implement IT 
policies and automate their execution means that the primary culprits—which are 
the artifacts of changes made to the AD manually that are not fully addressed — 
are significantly reduced if not completely eliminated. This makes for a more 
streamlined directory and a reduction in potential security issues. 

6 Get control of your Active Directory 

Securing, monitoring, and auditing access to your Active Directory 
can prevent unplanned changes from wreaking havoc throughout the 
directory. IT is well aware that making the wrong choices or accidental 
changes in the directory can cause all sorts of issues, the worst of 
which prevent users from actually getting their work done. This sort of unplanned 
downtime is unacceptable in today’s business environment and as the tools are 
there for IT to prevent, or at least minimize the potential for this type of problem to 
occur, choosing not to implement this type of protection makes no sense. 

Integrate your mobile users 

Make sure that you have the tools in place to tightly integrate 
your mobile users and devices, be they Blackberry or 
Windows Mobile. You need to be able to provision these 
users for your enterprise, lock down or remote wipe 
these devices, update and password protect them, all with 
minimal end-user interaction. 

8 Better utilize your existing resource 

This tip is the main reason for your strategy. Tools and 
technology constantly change, and while you may 
consider your corporate computing environment to 
be an effective and stable one, the advances in 
management technologies can allow you to get a better 
understanding and more detailed control of the computing 
environment. Additional information and tools that have the 
ability to utilize that information can give you the opportunity 
to fine-tune even effective IT processes to allow those IT 
resources to be focused on new business issues. 
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Create PDF Files with PrimoPDF 

I'm a fan of free utilities, so I found 
ActivePDF's PrimoPDF to be very cool. It 
lets you create PDF files from more than 
300 types of files, including text files, 
graphics files (e.g., .bmp, .jpg, .tif), and 
Microsoft Office files (e.g., .doc, .ppt, .xls). 
It runs on Windows Vista, Windows XP, 
Windows 2000 Professional, Windows 
98, and Windows NT. 

To get PrimoPDF, go to the PrimoPDF 
website (www.primopdf.com) and click 
the download link. No registration is 
required.The website downloads the 
utility from CNE T Download.com, so 
PrimoPDF has been checked for mali¬ 
cious programs. 

To install PrimoPDF, launch the 
installer, accept the licensing agreement, 
and click Next when prompted. If you 
don't already have .NET Framework 2.0, 
you'll need to install it from the Micro¬ 
soft Download Center (www.microsoft 
.com/downloads) or let the PrimoPDF 
installer download it for you. 

PrimoPDF installs as a printer on your 
computer, so when you want to create a 
PDF file, you just select PrimoPDF as your 
printer. In the dialog box that appears, 
you'll have a choice of five settings for the 
PDF file: Screen (optimized for onscreen 
viewing), Print (optimized for printing), 
eBook (optimized for the web), Prepress 
(optimized for high-quality printing), and 
Custom (you provide the settings). After 
you enter a filename and browse to the 
location where you want to save the file, 
click Save, then Create PDF. 

PrimoPDF offers a few other features 
you can use when you're creating a PDF 
file, such as the ability to secure PDF 
files with passwords and add document 
information (e.g., title, keywords). You 
can also combine PDF files after they're 
generated. 

I recommend PrimoPDF to anyone 
who wants a free solution for creating 
PDF files. It's as simple as a printer and 
has some nice features. 

—Serge Bedard, technology architecture 
specialist, CSST Quebec 
InstantDoc ID 101217 


www.windowsitpro.com 


How to Determine the Next 
Available Drive Letter When Z Is 
Already Mapped 

I teach a course on VBScript essentials for 
systems administrators. When we were talk¬ 
ing about how to detect the next available 
drive letter in a script that maps network 
drives, many administrators pointed out 
that the script presented in the course's 
textbook was problematic because it 
assumed that administrators always map 
network drive letters in alphabetical order. 
The script iterated through the used drive 
letters in alphabetical order until it found 
the last used letter, then returned 
the next available letter. As a 
result, if you had previously 
mapped a drive to the 
letter Z, for instance, the 
script informs you that 
there are no available 
drive letters even if 
there are because Z is 
the last letter in the English 
alphabet. 

I wanted to find a VBScript solu¬ 
tion that wouldn't assume users' behavior 
and would always return a drive letter if one 
was available. I first searched the Internet. 
The only script I found was discussed in the 
Microsoft article "Hey, Scripting Guy: How 
Can I Determine the Next Available Drive 
Letter on a Computer?" (www.microsoft 
.com/tech net/scri ptcenter/resou rces/ 
qanda/jan05/hey0122.mspx). Although this 
script works well, the Windows Manage¬ 
ment Instrumentation (WMI) service 
(winmgmt.exe) must be installed on the 
computer from which you're running the 
script. But that's not always the case, so I 
decided to write a script that finds an avail¬ 
able drive letter and maps it to a specified 


path. Instead of using WMI to find an avail¬ 
able drive letter, FindNextDrive.vbs uses 
the Microsoft Scripting Runtime Library's 
FileSystemObject object.Thus, it works on 
any computer running Windows Script Host 
(WSH). 

Here's how FindNextDrive.vbs works. 
The script begins by creating a Scripting 
Runtime Library Dictionary object (aka 
dictionary), which it fills with 26 key/value 
pairs. The keys are the letters of the English 
alphabet. Each key's value is set to False, 
which indicates the drive letter is available. 

Next, the script calls the GetNextDrive- 
Letter function to find out which drives are 
already mapped. First, the func¬ 
tion sets its return value to -1 in 
case there are no drive letters 
available. Then, the function 
creates a FileSystem Object 
object, uses that object's 
Drive property to access the 
collection of currently defined 
drives, and iterates through 
the collection. For each used 
drive letter in that collection, 
GetNextDriveLetter finds the equivalent 
drive letter (i.e., the equivalent key) in the 
dictionary and sets that key's value to 
True. For example, if the E drive is already 
defined, the function sets the E key's value 
to True, which indicates that the E drive 
can't be used for the new mapping. Finally, 
the function iterates through the dictionary 
to find the first key whose value is still False 
(i.e., a drive letter that still isn't defined) and 
assigns that letter to its return value. 

After the GetNextDriveLetter function 
returns its value, the script checks it. When 
the return value is -1, you receive a mes¬ 
sage noting that there aren't any available 
drive letters. When the return value con- 
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tains a letter, the script maps the letter to 
the specified path and displays a message 
noting that it just mapped that drive letter. 

You can download FindNextDrive.vbs 
from the Windows IT Pro website. (Go to 
www.windowsitpro.com, ente r 101215 in 
the InstantDoc ID box, click Go, then click 
the Download the Code Here button.) Before 
you run the script, you need to customize 
the network path you want the script to 
map. To specify that path, find the line 

filePath = "\\college\Teachers" 

and replace \\college\Teachers with your 
network path. Note that this script doesn't 
use alternate credentials to map drives. 

—Simon Zeltser, software developer and lecturer, 
UCONN Enterprise Solutions 
InstantDoc I D 101215 

Divide and Conquer Mega-Sized 
Text and Log Files 

Several times a year, various department 
heads give me text files and ask me to 
perform data analyses and create sum¬ 
mary reports. Often these files are massive 
directory dumps or application data dumps 
that can be as large as 700MB and contain 
more than 9.5 million lines of text. I'm also 
occasionally asked to extract contents from 
extremely large text-based cluster logs, 

Web logs, and event logs for technicians 
who need to send log samples to our secu¬ 
rity department or to analysts to diagnose 
problems. In addition, there are times when 
I need to look at the data in an enormous 
text file so that I know how to work with its 
contents in a script. 

Sometimes these mega-sized text and 
log files are too large for Notepad to open. 
Other times, Notepad is sluggish when I try 
to scroll through the file contents. Having 
smaller files not only makes it easier to do 
data analyses but also dramatically speeds 
up code development and testing. 

After many months of working around 
this problem using a mixed bag of tactics 
such as exporting data to Microsoft Access 
or trying to open the files with some other 
application, I finally decided to write the 
Log Splitter utility.This HTML Application 
(HTA) splits large text files into smaller files 
that I can easily open with Notepad and 
work with when writing a script. 

The Log Splitter utility offers simple but 
adequate functionality. After you download 


the utility from the Windows IT Pro website 
(go t o www.windowsitpro.com, enter 
101218 in the InstantDoc ID box, click Go, 
then click the Download the Code Here but¬ 
ton) and copy it to your computer, double¬ 
click it. In the Ul (see Figure 1), enter the 
pathname of the text or log file you want to 
split or use the Browse button to locate it. 
You can split up the file by the number of 
lines or number of pages. To find out how 
many lines are in the file, click the GetLine- 
Count button. Knowing the total number of 
lines can help you decide whether to split 
the file by line count or by number of files. 

If you want to split the large file into 
a specific number of smaller files, select 
the Split into number of files option, then 
specify that number in the Enter Line Count 
or Number of Files f\e\d. If you want to split 
the large file into smaller files that contain 
a certain number of lines, select the Split 
by Line count option, then specify the 
maximum number of lines you want in 
the smaller files. You must enter a value of 
100,000 or higher. I found that lower values 
tend to produce too many files, particularly 
if you're splitting a file of several hundred 
megabytes. 

All that's left to do is to click the 
RunScript button and click OK. Before the 
utility starts splitting the large file, it checks 
for possible problems. If it finds a problem, 
it displays a message. For example, the util¬ 
ity checks whether the specified file is a text 
or log file. If you try to split another type of 
file, you'll receive the message This script 
only works with '.log' and 'txt' files. 

After splitting the large file, the util¬ 
ity saves and names each smaller file. For 


example, if 
you're split- ) 
ting C:\ 
dataVmassive 
.log into three 
smaller files, the 
smaller files will i 
named C:\data\massive~1 
.log, C:\data\massive~2.log, and C:\data\ 
massive~3.log. If these smaller files already 
exist, they'll be overwritten. 

Depending on the size of the file you're 
splitting, the process could take a long time 
to finish (e.g., about five minutes to split a 
100MB file into five files), so the utility's Ul is 
hidden while the process runs.The Ul reap¬ 
pears when the process completes. 

If you get the Microsoft Internet 
Explorer (IE) message A script on this page 
is causing Internet Explorer to run slowly. If it 
continues to run, your computer may become 
unresponsive. Do you want to abort the 
script? when running the Log Splitter utility, 
abort and see the Microsoft article "How to 
set time-out period for script" (support 
.microsoft.com/kb/175500 ). This article tells 
you how to add a new registry entry named 
MaxScriptStatements to alleviate the prob¬ 
lem. It's a relatively simple modification, 
but as with all registry changes, you need 
to use extreme caution. After I received this 
message, I set the MaxScriptStatements 
value to 100000000 (100 million).That 
value works well for me, but you could try a 
smaller value and see how it works on your 
computer. ^ 

—Jim Turner, domain administrator and applications 
developer, Computer Sciences Corporation 
InstantDoc ID 101218 




Figure 1:The Log Splitter utility's Ul 
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ANSWERS TO YOUR QUESTIONS 



Q: Where can I find the specifica¬ 
tion for the Virtual Hard Disk (VHD) 
format? 

A: Microsoft released the "Virtual 
Hard Disk Image Format Specification" 
at www.microsoft.com/technet/ 
virtualserver/downloads/vhdspec.mspx. 

The document is in line with the com¬ 
pany's open specification promise. A 
number of resources are linked, including 
a Microsoft Word document with the full 
specification. 

—John Savill 

InstantDoc I D 97985 

Q: How can I configure Microsoft 
Office Outlook's alerts for new 
items? 

At Outlook has several methods of 
alerting a user to the arrival of new email 
messages. You can configure a sound 
to announce a new message, cause the 
mouse pointer to change briefly to a flying 
envelope icon, make an envelope appear 
in the task bar, or display a new-item alert 
box in a pop-up. You can configure one or 
all of these options from Outlook's Tools 
menu. 


To configure these options, select Email 
Options, Advanced E-mail Options, then 
select the check boxes for the options you 
want in the When new items arrive in my 
inbox section. Each alert is fleeting, and no 
user action is necessary to make the alert 
disappear. You can extend the time that 
a new-email alert box is visible to as long 
as 30 seconds, and you can further extend 
that time by editing the registry. 

To make this registry change for 
Microsoft Office Outlook 2007, go to the 
H KC UXSoftwa re\M i crosoft\Offi ce\ 12.0\ 
Common\DesktopAlerts subkey and open 
the DWORD parameter for TimeOn. (For 
Microsoft Office Outlook 2003, replace the 
12.0 value in the subkey path with 11.0.) 
Change the base to Decimal and enter the 
time in milliseconds that the new email 
alert box should remain open. A decimal 
entry of 300,000 ms translates to 300 sec¬ 
onds (5 minutes) and a hexadecimal value 
of 000493e0. 

I had a 
client who 
wanted to en¬ 
sure that email 
recipients 
would always 
acknowledge 
the arrival 
of messages 
from impor¬ 
tant customers 
or supervisors. 

To help that 

client, I used the Outlook rule that lets you 
generate a New Item Alerts window that 
the recipient must manually close. You can 
use any of the conditions available in Out¬ 
look's New Rule wizard to control when a 
New Item Alerts window is presented. 

You can also use the wizard to custom¬ 
ize the New Item Alerts window pop-up 


Q: My DNS server lookups are 
taking a very long time. What 
could be wrong? 

A: It's possible that you've configured 
one or more invalid forwarders. Invalid 
forwarders would cause the DNS server 
to try to use the invalid forwarding 
server for name queries'zones where 
the DNS server isn't authoritative. If the 
forwarder doesn't exist, the DNS server 
will have to time out the resolution re¬ 
quest before it can attempt to resolve 
the name itself. 

To find and delete invalid forward¬ 
ers, right-click your DNS server in the 
Microsoft Management Console (MMC) 
DNS Management snap-in, select Prop¬ 
erties, and click the Forwarders tab. If 
there are any invalid forwarders, click 
the Edit button, select the invalid entry, 
and click Delete. Click OK to all dialog 
boxes to close them. 

—John Savill 

InstantDoc ID 97862 
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Figure 1: A customized New Items Alerts window to announce a message from 
a specific sender 


message. For example, I might decide to 
create a rule that makes it much more 
difficult for users to ignore the arrival of a 
new email message from Tony Soprano. 
When users receive a message from Tony 
Soprano (i.e., from the email address tony 
.soprano@emailonastick.com), I can have 
the New Item Alerts window display the 
text You have a message from Da Boss !, as 
Figure 1 shows. ^ 

— William Lefkovics 
InstantDoc ID 97030 
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ILLUSTRATION BY NICK ROTONDO 



icrosoft System Center Virtual Machine 
Manager (SCVMM) 2008 provides 
welcome updates to the original prod¬ 
uct. I gave an overview of SCVMM 
k| Wf WM 2008 in "Let SCVMM 2008 Manage It 
I All" (September 2008, InstantDoc ID 
99768) ; in this article I show you howto install the prod¬ 
uct and bring a Hyper-V host under its control. After I 
show you how to create a managed host, I explain how 
to clone an existing virtual machine (VM) and create 
hardware and OS profiles. Finally, I show you howto use 
these profiles and an existing VM to create a template 
that you can use to quickly generate a new VM to your 
specifications. (For information about SCVMM integra¬ 
tion and VMware ESX Server, see the sidebar "SCVMM 
and ESX Server Integration," page 25.) 

Installing SCVMM 

You can download a 180-day evaluation version of 
SCVMM 2008 from http://technet.microsoft.com/ 
en-us/evalcenter/cc793138.aspx. Although you can 
install SCVMM in complex configurations that require 
multiple servers (as I discuss in "Let SCVMM 2008 Man¬ 
age It All"), for the purposes of this article we'll run all 
the components (server, console, library, and Microsoft 
SQL Server database) on one server. 

SCVMM 2008 has the following software require¬ 
ments for successful installation: 

• The Server service must run on Windows Server 2008 
x64 (although you can run SCVMM itself on a VM). 

• Both the Server service and the administrator 


console require Windows PowerShell, which is 
included in Server 2008. 

• SCVMM requires Windows Remote Management, 
which is included in Server 2008. 

• You must configure Microsoft Internet Informa¬ 
tion Services (IIS) 7.0 (which Server 2008 includes) 
to run the IIS 6.0 Metabase Compatibility, IIS 6.0 
Windows Management Instrumentation Compat¬ 
ibility, Static Content, Default Document, Directory 
Browsing, HTTP Errors, ASP.NET, .NET Extensibil¬ 
ity, ISAPI Extensions, ISAPI Filters, and Request 
Filtering features. 

• SCVMM requires SQL Server 2008 or SQL Server 
2005 (although you can also use SQL Server 2005 
Express Edition, which is included in SCVMM). 

Most server-side components are included with either 
SCVMM or Server 2008 and are automatically con¬ 
figured when you install SCVMM. For more detailed 
information about the software and hardware require¬ 
ments necessary to install SCVMM, go to the Microsoft 
System Center Virtual Machine Manager website (www 
.microsoft.com/systemcenter/virtualmachine 
manager/en/us/system-requirements.aspx) . 

Adding a Host to Manage 

For the purposes of this article, I installed SCVMM on 
a Hyper-V host computer named THINKPADT61P, as 
Figure 1, page .22, shows, with SCVMM managing the 
host. Once the console is up and running, we need to 
add another host to manage. Selecting the Hosts view 
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Figure 1: SCVMM installed onTHINKPADT61P 


in the left-hand pane displays an Add host 
task in the Actions pane. Clicking that task 
starts the Add Hosts wizard, which lets you 
easily find a host either by directly entering 
the host name or by using the wizard to 
search in Active Directory. For this article, 
I've already added the Hyper-V host HAN- 
SHI to be managed by SCVMM. Both hosts 
have their own Virtual Machine Manager 
(VMM) libraries, kept in sync through DFS 
Replication (DFSR). (You can install DFSR 
as a File Service role feature in Server 2008; 
for information about using DFSR, see "Get 
in Sync with DFSR," April 2007, InstantDoc 
I D 95223. ) 

Cloning the Template Source Virtual 
Machine 

To create a VM template, you must first have 
a deployed VM to use as its source. For this 
article, I used a 64-bit Windows Server 2003 
VM named W2K3R2x64. Because creat¬ 
ing the template will destroy the VM, we 
must create a clone of the VM to use for 
the template. To create a clone, first make 
sure the VM is in either a stopped or saved 
state. Then, click the VM to highlight it and 
select Clone from either the context menu 
or the Actions pane. The wizard will ask for 
the clone's name, hardware and network 
configuration, destination host, path on the 
host, and startup and shutdown properties. 
The wizard will also ask whether you want 


the cloned VM to reside as a deployed VM 
on a host or to be stored in the VMM library. 
If you store the cloned VM in a library, it is 
inactive and offline. To make the VM active, 
simply select the Deploy action. For this 
article, I left the original name, and I stored 
the cloned VM in HANSHI's library. Because 
the original VM will be destroyed to create 
the template, no duplicate names will exist. 

Creating a Hardware Profile 

The next step in build¬ 
ing your VM library is 
to create a hardware 
profile. A hardware 
profile specifies the 
hardware configura¬ 
tion to be applied to 
a new VM created 
by SCVMM 2008. As 
Figure 2 shows, you 
can specify the num¬ 
ber of processors and 
one of 25 virtualized 
processor configura¬ 
tions, the amount of 
memory, the network 
to use, IDE/SCSI con¬ 
figuration, and more. 

By default, a hard¬ 
ware profile includes 
a built-in IDE drive 
(although you can't 


modify this drive until you create a VM). You 
can add and configure as many as four vir¬ 
tual SCSI adapters when you create a VM. 

Using hardware profiles lets you stan¬ 
dardize hardware across all your VMs. You 
don't need to create a separate hardware 
profile for each OS configuration—only 
when hardware requirements are different 
from the standard. For example, a Windows 
2003 domain controller hardware configura¬ 
tion might require 1.5GB of memory with 
one processor, whereas a SQL Server 2005/ 
Server 2008 configuration might require 
4GB of memory with dual processors. For 
this article I create just one simple configu¬ 
ration that's sufficient for demonstrating the 
template process. 

To create a new hardware profile, click 
the Library view in the left-hand pane of the 
SCVMM administrator console. The Library 
view shows the Library Actions section in 
the right-hand Actions pane. In the Library 
Actions section, click New hardware profile 
to launch the New Hardware Profile dialog 
box. Enter a short descriptive name, such as 
Default or Standard, as well as an optional 
description. Click the Hardware Settings tab 
to configure the hardware settings. Because 
we're creating a simple test configuration, 
1GB of memory and any processor configu¬ 
ration is adequate. 

Creating a Guest OS Profile 

Now that we've created the new VM's 



Figure 2: Creating a hardware profile 
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Figure 3: Creating a guest OS profile 


hardware configuration, we need to also 
configure the OS. To do so, well use a 
guest OS profile. The guest OS profile is a 
customized version of the base OS configu¬ 
ration for the new VM it's applied against. 
You can think of the guest OS profile as 
a user-friendly version of Sysprep. You 
need to create a profile for each type of OS 
configuration; as with the hardware profile, 
having separate OS profiles lets you create a 
standardized set of OS configurations that 
simplifies the task of managing your virtual 
infrastructure. 

To create a new OS profile, click the 
Library view in the left-hand pane. Click 
the New guest OS profile action to launch 
the Guest OS Properties dialog box. On the 
General tab, enter a short descriptive name, 
such as W2K3 R2 x64, to describe which OS 
the profile is designed for. Next, click the 
Guest OS tab to configure the OS profile. You 
can preconfigure a computer name, or you 
can let SCVMM randomly create an initial 
name. Enter the required name, organiza¬ 
tion name, and local administrator pass¬ 
word. Enter a product key, unless the OS 
is a Server 2008 or Windows Vista volume 
license build, in which case you can leave 
that field blank. Note that the product key 
isn't obscured after you enter it, so anyone 
with rights to access the guest OS profile can 
also obtain the product key. The product key 
is obscured, however, when it's used as part 
of a VM template, so self-service users can't 
see it. Select the time zone and OS type. You 
can configure the profile to automatically 
join a domain or remain in a workgroup. 
Finally, if you want to execute additional 
commands, the dialog box provides options 
for an answer file, as Figure 3 shows, and for 
run-once command scripts. 

Choosing a Virtual Hard Disk 

The default SCVMM library has several 
dynamically expanding disks, which is ade¬ 
quate for our lab-based example in which 
space is more important than performance. 
In a production environment, you'd want 
to create several Virtual Hard Disks (VHDs) 
for your library that use fixed-size disks of 
different capacities. Fixed disks perform 
better than dynamically expanding disks, 
but because their size is fixed regardless 
of how much data is on them, they have a 
bigger effect on your storage requirements. 
Another caveat when using dynamically 


expanding disks is that host disk fragmen¬ 
tation can cause a huge performance hit. 
Unlike a fixed disk, which is allocated as a 
sparse file when it's created, a dynamically 
expanding disk might use sectors scattered 
all over a fragmented disk. 

Creating a New Template 

Now that we have a VM to use as a baseline 
and hardware and guest OS profiles to 
configure new machines, we need to create 
an SCVMM template for generating new 
VMs. Like hardware profiles and guest OS 
profiles, a template is a database object; you 
won't find it in the SCVMM library folder 
structure. An SCVMM template combines 
a hardware profile, a VHD, and a guest OS 
profile. You can use a VHD either from the 
library or from an existing VM, but be aware 
that if you use an existing VM's VHD, the 
VM will be destroyed because the resulting 
Sysprep process strips the VM of its com¬ 
puter identity. Also, be sure the VM is free 
of restrictive password policies that could 
prevent Sysprep from setting the Admin¬ 
istrator password. It's best to have the VM 
be a member of a workgroup rather than 
a domain so that the VM doesn't inherit 
the domain's security policies; appropriate 
policies will be enforced when a new VM 
is created from this template and joined to 
a domain. 

To create the VM template, click New 
Template in the Library view to launch the 


New Template wizard, select the source as 
an existing VM, and choose W2K3R2x64. 
(Or select the W2K3R2x64 VM, then click 
New Template in the Actions pane.) Click 
Yes to acknowledge that you plan to over¬ 
write W2K3R2x64. Keep the same name, 
but consider adding a description of the 
hardware and guest OS profiles you'll use. 
Choose the default hardware profile in the 
Configure Hardware step and the W2K3 R2 
x64 guest OS profile in the Guest Operating 
System step. (These are the profiles we just 
created.) For our example we'll create the 
template in THINKPADT61P's library. 

The final step, Select Path, is a bit confus¬ 
ing. You might wonder why, if a VM template 
is a database object, this step asks for a share 
location in the library. The share is where 
the VHD that you associate with the tem¬ 
plate will be stored. To minimize confusion, 
I recommend that you create a subfolder 
in the VHD folder, called Template VHDs. 
This way, when you view the library via the 
file system you can easily see these VHDs' 
purpose. Confirm your settings, and click 
OK to begin the template creation. Figure 4 
shows how the VM is stepped through the 
Sysprep process during template creation. 

Creating a New VM 

Now that we have a template, we can use 
it to create a new Windows 2003 R2 x64 
VM. Highlight the template and click New 
Virtual Machine in the Actions pane to 
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and iSX Server 
INTEGRATION 

When I first heard about the integration of Microsoft System Center Virtual 
Machine Manager (SCVMM) 2008 and VMware's ESX Server, I got really excited because I 
thought that SCVMM could directly manage ESX. After some research, I discovered that my 
assumption was incorrect. 

SCVMM integrates only with VMware vCenter (formerly VMware VirtualCenter). As you 
might know, at least one vCenter server is required to manage most of the enterprise features 
of VMware Infrastructure, such as High Availability (HA), vMotion, and Distributed Resource 
Scheduler (DRS). SCVMM communicates with a set of published vCenter APIs. For SCVMM 
to integrate with ESX, you must purchase vCenter (at a price of approximately $6,000). But if 
you already have vCenter, you can use SCVMM to manage a mixed Hyper-V and ESX Server 
environment. 

SCVMM is significantly less expensive than vCenter. So if in a future release Microsoft could 
incorporate all of vCenter's features in SCVMM, the company would have a very attractive prod¬ 
uct that would significantly reduce the cost of implementing the enterprise features of VMware 
Infrastructure. For now, well have to wait and see whether SCVMM will be a suitable replacement 
for vCenter in the future. 


Alan Sugano 

(asugano@adscon.com) is the president of ADS Consulting Group, which specializes in net¬ 
working, custom programming, Microsoft .NET web development, and SQL Server develop¬ 
ment. He's the author of The Real-World Network Troubleshooting Manual (Charles River Media). 



launch the New Virtual Machine wizard. 
(Alternatively, right-click the W2K3R2x64 
template in the Library view and select New 
Virtual Machine.) For this article, I used 
W2K3R2x64-l as the new VM's identity. As 
you go through the wizard, you can make 
different hardware choices and choose a 
different guest OS profile, but if you just click 
Next, the wizard will use the values from the 
hardware and software profiles you incorpo¬ 
rated into the template. Select the host on 


which you'll deploy the newVM (I deployed 
it to HANSHI) and the path on the host 
to where the VM will be stored. (If you’ve 
configured the default VM path, you can just 
click Next.) Select the network interface you 
want to use, and indicate what actions the 
VM should take when the host server starts 
and stops. In the Summary screen you can 
choose to automatically start the VM after 
it's been deployed to the host server. Click 
Finish to start the VM creation. 



Figure 4: Creating a newVM template 


Additional Tips 

If you encounter a problem working with a 
VM in SCVMM that requires repair outside 
of SCVMM (e.g., in Hyper-V), right-click the 
VM, select Repair, then select the Ignore 
radio button to dismiss the failed state 
and simply refresh the VM's status within 
SCVMM. Hyper-V networking can be con¬ 
fusing. SCVMM has a “view networking" 
feature that shows you a graphical repre¬ 
sentation of how a VM is connected to the 
host and network. You can even broaden 
the scope to show the network configura¬ 
tion of all the VMs on the host. This feature 
is helpful for ensuring that you configured 
networking correctly should you have con¬ 
nectivity problems. 

SCVMM Best Practices 

SCVMM's VM template feature lets you 
quickly and consistently provision VMs. 
Although you might be tempted to start 
creating VMs within minutes of installing 
SCVMM, I recommend that you take the 
time to understand VM templates first. 
Then, gather your requirements for both 
VM hardware configurations and OS pro¬ 
file types. Use these requirements to create 
appropriate hardware profiles and guest 
OS profiles. Copy your stable of ISO disk 
images to the VMM library, and consider 
using a feature such as DFSR to keep all 
your libraries in sync with one another. 

Once you have all the building blocks 
in place, create and configure template 
VMs of each OS type, and perhaps even for 
configurations within types. Clone them 
for safekeeping into the VMM library, then 
create VM templates from these template 
VMs. With the resulting library of precon¬ 
figured templates, you can quickly provi¬ 
sion VMs when the need arises. Just don't 
forget to manage these VMs through their 
complete life cycle, which includes storing 
them back in the VMM library or decom¬ 
missioning them when they're no longer 
needed. ^ 

InstantDoc ID 101192 
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PROBLEM: 

In SMBs with multiple sites, 
there's no simple automated 
way to map printers for mobile 


SOLUTION: 

Customize AddressBased- 
Printer.vbs, then use with 
a network logon script to 
automatically create site- 
specific printer mappings 
when mobile users log on. 

WHATYOU NEED: 

AddressBasedPrinter.vbs, 
network logon script, Notepad 
(or another text editor) 

SOLUTION STEPS: 

1. Pick the site names. 

2. Download and open 
AddressBasedPrinter.vbs. 

3. Customize the code in 
callout B. 

4. Customize the code in 
callout D. 

5. Test AddressBasedPrinter 
.vbs. 

6. Integrate with existing 
network logon scripts. 


Create Site-Specific 
Printer Mappings 

‘“MOBILE 

USERS 

by Alex K. Make manual mappings a 
Angelopoulos mere memory 



roviding local print services for 
mobile users can be a perpet¬ 
ual problem in small-to-mid- 
sized businesses (SMBs) with 
multiple sites. Currently, there 
is no out-of-the-box solution 
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for providing location-based print services 
to mobile users for OSs earlier than Windows 
Vista. Starting in Vista, Microsoft offers an 
out-of-the-box solution for location-based 
printer assignment, but it isn't very useful for 
SMBs for two reasons. First, the assignment 
policies require an Active Directory (AD) 
structure that accurately reflects WAN topol¬ 
ogy. Second, the assignment policies take 
effect only after a Group Policy refresh. 

It's possible to solve this kind of problem 
with a script; it just takes some scripting 
skills and some time, which is often in short 
supply in a hectic network. The central 
problem is figuring out where a user is when 
he or she logs on to a network. The most 
reliable technique for determining a user's 
location is to get the network ID for the local 
system, then match that address to a known 
location. Although you can summarize the 
solution very simply as "if a computer is on 
network X, map printer group Y," scripting 
that solution is far from simple. 

First, you need to get the network ID 
for the local system. You can obtain the 
information needed to calculate this ID 
from Windows Management Instrumenta¬ 
tion's (WMI's) Win32_NetworkAdapterCon- 
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figuration class. However, you need to get 
the values of two properties—IPAddress 
(which contains IP addresses) and IPSub- 
net (which contains subnet masks)—then 
perform a bitwise AND operation on those 
values to get the network ID. To further 
complicate matters, computers generally 
have several network interfaces, so IPAd¬ 
dress and IPSubnet are arrays that typically 
contain multiple IP addresses and subnet 
masks, respectively. Even when there's 
only one IP address or one subnet mask, 
you still need to loop through the property 
to extract it because WMI returns that IP 
address or subnet mask as an array. 

If you're very lucky, you'll have only one 
network ID at this point. However, in all 
likelihood, you'll have several network IDs, 
and no direct way to determine which one 
is used for the LAN connection. To deter¬ 
mine the correct one, you need to compare 
the network ID for the local computer to 
the network IDs for each site until you find 
a match. 

Once a match is found, you still aren't 
completely finished. It's possible that the 
mobile user is running a Terminal Server 
session. You don't want to map printers 
for a Terminal Services session because 
printers located near the Terminal Server 
are by definition almost certain to be far 
away from the user. So, you also need to 
account for this situation. Finally, you need 
to handle two other possibilities: situations 
in which there are multiple matches, and 
situations in which there are no matches. 

The AddressBasedPrinter.vbs script 
in Listing 1 does all this. When used 
with an existing network logon script, 
AddressBasedPrinter.vbs automatically 
determines which site a mobile user is in, 
then maps the appropriate printers at that 
site. 

To implement this solution, you don't 
need to understand how AddressBased¬ 
Printer.vbs works. (Although if you're 
interested, see the sidebar "How Address¬ 
BasedPrinter.vbs Works," page 28.) Instead, 
you just need to follow these steps: 

1. Pick the site names. 

2. Download and open Address¬ 
BasedPrinter.vbs. 

3. Customize the code in callout B. 

4. Customize the code in callout D. 


Listing 1: AddressBasedPrinter.vbs 


’’Dim dbg: dbg = True 

Dim networkIDs: Set networkIDs = CreateObject("Scripting.Dictionary") 

Dim Nacs, Nac 

Set Nacs = GetObject("winmgmts://./root/cimv2").ExecQueryC 

"Select IPAddress,IPSubnet from Win32_NetworkAdapterConfiguration" _ 

& " where IPEnabled = true") 

For each Nac in Nacs 
Dim N 

If (Not IsNull(Nac.IPAddress)) And (Not IsNull(Nac.IPSubnet)) Then 
For N = 0 To UBound(Nac.IPAddress) 

networl<IDs(NetworkID(Nac.IPAddress(N) , Nac.IPSubnet(N))) = vbNullString 
Next 
End If 
Next 

Dim IDList: IDList = networkIDs.keys 


Dim Locations: Set Locations = CreateObject("Scripting.Dictionary") 
Locations("New York") = "192.168.1.0" 

Locations("Boston") = "192.168.42.0" 

Locations("Chicago") = "192.168.84.0" 

Locations("Atlanta") = "192.168.85.0" 

Locations("Los Angeles") = "192.168.111.0" 

Dim SystemLocation 
SystemLocation = vbNullString 
Dim Multi pieMatches 
Multi pieMatches = False 

Dim WshShell 

Set WshShell = CreateObject("WScript.Shell") 

Dim Session 

Session = WshShell.ExpandEnvironmentStrings("%SessionName%") 

If Session = "Console" or Session = "%SessionName%" Then 
Dim Location 

For Each Location in Locations.Keys 
Dim currentID 

For Each currentID in IDList 

’’If dbg Then WScript.Echo "ID: ", ’’CurrentID 
If currentID = Locations(Location) Then 

If dbg Then WScript.Echo "matched", CurrentID 
If SystemLocation <> vbNullString Then 
Multi pieMatches = True 
Else 

SystemLocation = Location 
End If 
End If 
Next 
Next 
End If 

If Not Multi pieMatches Then 
Dim WshNetwork 

Set WshNetwork = CreateObject("WScript.Network") 

Select Case SystemLocation 
Case "New York" 

’ Code to map New York printers. Example: 

’ WshNetwork.AddPrinterConnection "Default","\\NYPS01\CentralPrinter" 
Case "Boston" 

’ Code to map Boston printers. 

Case "Chicago" 

’ Code to map Chicago printers. 

Case "Atlanta" 

’ Code to map Atlanta printers. 

Case "Los Angeles" 

’ Code to map Los Angeles printers. 

Case Else 

’’If dbg then 

’’WScript.Echo "No matching location found." 

’’WScript.Echo "SystemLocation:", SystemLocation 
"End If 
End Select 
End If 


Function NetworkID(Address, Mask) 

Dim AddressOctets, MaskOctets, Result, N 
AddressOctets = Split(Address, ”.”) 

MaskOctets = Split(Mask, ”.”) 

ReDim Result(UBound(AddressOctets)) 

For N = 0 To UBound(AddressOctets) 

Result(N) = AddressOctets(N) And MaskOctets(N) 
Next 

NetworkID = Join(Result, ”.”) 

End Function 
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How 

AddressBasedPrinter.vbs 

Works 

AddressBasedPrinter.vbs in Listing 1, page 27, performs many tasks to determine 
which site a mobile user is in and create mappings to the appropriate printers at that site. Here's 
a brief overview of how it works. 

The script's first main task is to collect theTCP/IP-enabled Win32_NetworkAdapterConfigura- 
tion instances from the local computer. As callout A shows, for each configuration, it retrieves the 
IP addresses and subnet masks from the IPAddress and IPSubnet properties, respectively. After 
making sure these properties aren't empty, the script uses the NetworkID function in callout E to 
compute network IDs from the IP addresses and subnet masks. For example, if a computer has 
an IP address of 192.168.1.72 and a subnet mask of 255.255.255.0 associated with that address, 
the network ID for the computer—and all the other computers on the same network—will be 
192.168.1.0. (For information about how the NetworkID function works, see the web-exclusive 
Windows IT Pro article "Rem: How to Use WMI to Calculate a Computer's Network ID from Its 
IP Address and Network Mask" at windowsitpro.com/article/articleid/47100/47100.html.) The 
script adds the IDs to the networkIDs dictionary as keys. Using the Scripting Runtime Library's 
Dictionary object is better than using an array because you don't know how many network IDs 
there will be. By storing them in a dictionary at this point, you avoid having to micromanage a 
resizable array. In the last line in callout A, the script extracts the networkIDs dictionary's keys 
and assigns them to the IDList array. 

Next, the script creates another dictionary named Locations to hold the site names and net¬ 
work IDs specified in callout B. The code in callout C uses the Locations dictionary to determine 
which site the mobile user is in. 

In callout C, the script makes sure that the mobile user isn't running a remote Terminal 
Services session. If Terminal Server is properly configured, mobile users won't run a standard 
logon script when they log on, but just in case, the script checks for the %SessionName% logon 
variable. This variable exists on all OSs from Windows 2000 Server forward that can support 
Terminal Services sessions. When a user is directly logged on to the console of a system that has 
Terminal Services support, this variable will exist and will contain the value Console. If a user has 
a legacy OS (which includes Windows 2000 Professional in this case), this variable shouldn't exist 
and checking its value will simply return %SessionName%. In either case, the script handles the 
printer mappings. However, if the user is running a nonconsole session (i.e., a remote Terminal 
Services session), the script doesn't perform any matching and therefore won't accidentally set 
up printing to a remote location. 

When the user is directly logged on to the console, the script checks whether the network 
IDs in the Locations dictionary match the network IDs in the IDList array. When the script finds 
a match and that match is the first one found, it sets the SystemLocation variable to the corre¬ 
sponding site name, which it gets from the Locations dictionary. If SystemLocation has already 
been set because a previous match was found, the script sets MultipleMatches to True. 

Next, AddressBasedPrinter.vbs checks the value in MultipleMatches. When the value is True, 
the script ends. This ensures that printers aren't mapped for multiple network locations in case 
of a configuration error. When the value is False, the script creates a Windows Script Host (WSH) 
WshNetwork object, which enables connections to network shares and printers, then runs the 
VBScript Select Case statement. 

In the Select Case statement, the script looks fora match between the site in the SystemLoca¬ 
tion variable and the sites in the Case clauses in callout D. When the script finds a match, it runs 
the code under that Case clause (i.e., the code that creates the printer mappings), then quits. 
When no matches are found, the Case Else clause runs. In this case, the script displays a message 
that notes there aren't any matching sites, then quits. 


5. Test AddressBasedPrinter.vbs. 

6. Integrate with existing network logon 
scripts. 

7. Update AddressBasedPrinter.vbs as 
needed. 

STEP1: Pick the Site Names 

The first step is to pick a name for each site 
that contains printers mobile users might 
need to use. They should be simple, recog¬ 
nizable names. The names don't need to 
be elaborate because they're used only for 
matching purposes in the script. Write down 
each site's name along with its network ID 
for the LAN connection. 

STEP 2 Download and Open 
AddressBasedPrinter.vbs 

The next step is to download AddressBased¬ 
Printer.vbs. To do so, go to www.windowsit 
pro.com, enter 101230 in the InstantDoc 
ID box, click Go, then click the Download 
the Code Here button. Open AddressBased¬ 
Printer.vbs in a text editor, such as Notepad. 
(To open it in Notepad, right-click the script 
and click Edit.) 

STEP 3 \ Customize the Code in 
Callout B 

In AddressBasedPrinter.vbs, find the code 
in callout B. This is where you need to per¬ 
form your first customization. Customizing 
this content doesn't require much scripting 
knowledge. All you need to do is specify 
each site name and its network ID following 
the format 

Locations("SiteName") = "NetworkID" 

where SiteName and NetworkID are the 
site's name and network ID, respectively. 

In AddressBasedPrinter.vbs, I defined 
five sites, but you can have fewer or more 
if needed. If you have fewer than five 
sites, delete the unused lines. If you have 
more than five sites, copy and paste one 
of the existing Locations lines for use as a 
template. 

STEP 4: Customize the Code in 
Callout D 

In AddressBasedPrinter.vbs, find the code 
in callout D. You first need to customize 
the site names in the Case clauses of the 
VBScript Select Case statement. The site 
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Learning Path 

LEARN HOW TO AUTOMATE OTHER 
PRINTER TASKS 

"Per-Machine Printer Connections + Custom Plug-In," 
InstantDoc I D 49741 

"Per-Machine Printer GUI "InstantDoc I D 93741 
"Programmatically Change Permissions in Print 
Clusters," InstantDoc I D 97090 
"Rem: Mapping a Local IP Printer," InstantDoc I D 47899 
"Use 2 Tools to Assign Printers in Just 2 Steps," 
InstantDoc I D 96369 

"HTA Makes Installing Shared Printers Easy," InstantDoc 
ID 93233 


names must precisely match the names you 
used in the code in callout B. For example, if 
you specified "New York" for a site, the Case 
clause must read 


start with ' Code to map). The customiza- 
tions are now complete, so you can save the 
script and close Notepad. 

STEP 5: Test AddressBased- 
Printer.vbs 

Testing AddressBasedPrinter.vbs before you 
integrate it with your network logon scripts 
is much easier than testing it after the inte¬ 
gration. I recommend that you use the fol¬ 
lowing process to make sure the script works 
correctly for the sites you support. 

First, at one of the sites, run Address¬ 
BasedPrinter.vbs from a laptop that has no 
existing local printer mappings to confirm 
that the script correctly maps printers with¬ 
out raising any errors. Then, share the script 
with a mobile user at each site and have 
that person run it the same way to confirm 
that the local printer mappings work. If they 


To call AddressBasedPrinter.vbs from a 
VBScript logon script, you need to add 
the following code snippet to your logon 
script: 

Set WshShell = 

CreateObjectC’WScript.Shel1") 
dir = Left( 

WScript.SeriptFullName, _ 

Len(WScript.SeriptFullName) - _ 

Len(WSc ript.Sc riptName)) 

PrintScript = dir & _ 
"AddressBasedPrinter.vbs" 

WshShel1.Run PrintScript 

STEP 7: Update AddressBased¬ 
Printer.vbs as Needed 

As part of your network maintenance activi¬ 
ties, you'll need to update AddressBased- 


AddressBasedPrinter.vbs automatically 
determines which site a mobile user 
is in, then maps the appropriate 
printers at that site. 


Case "New York" 

If you use different capitalization (e.g., "new 
york") or different spacing (e.g., "NewYork"), 
the script won't work correctly. 

Once again, if you have fewer than five 
sites, delete the unused Case clauses in call¬ 
out D. (Don't delete the Case Else clause.) 
If you have more than five sites, copy and 
paste an existing Case clause for use as a 
template. 

Next, you need to insert the following 
line under each Case clause: 

WshNetwork.AddPrinterConnection _ 

"PrinterName", "PrinterPath" 

where PrinterName is the local display 
name you want to assign to the printer and 
PrinterPath is the share path to the printer. 
In callout D, you'll find an example of 
this line. In this example, the code is 
adding a mapping to the CentralPrinter 
printer shared on the NYPS01 server. This 
server will have the local display name of 
Default. 

You can define as many printers as desired 
for each site. By default, these printer map¬ 
pings won't be stored in the user's profile and 
will disappear when the session ends. 

Finally, in the code in callout D, remove 
any lines that begin with an apostrophe (i.e., 
the sample mapping code and the lines that 


work, you're ready to integrate Address¬ 
BasedPrinter.vbs with your network logon 
scripts. 

STEP 6 Integrate with Existing 
Network Logon Scripts 

AddressBasedPrinter.vbs is designed for use 
with existing network logon scripts. If you 
currently use VBScript logon scripts, you can 
insert the contents of AddressBasedPrinter 
.vbs into the logon scripts at each site. Alter¬ 
natively, you can call AddressBasedPrinter 
.vbs as an external script from virtually any 
kind of network logon script, including .cmd 
and VBScript logon scripts. 

To use AddressBasedPrinter.vbs as an 
external script, you need to place it in 
the same directory as your network logon 
scripts at each site. Assuming you've kept 
the name AddressBasedPrinter.vbs, you can 
call it from a .cmd logon script with the line 

cscript %dp0 


Printer.vbs when necessary. For example, 
you'll need to update the script whenever 
you add a new site to your WAN or whenever 
you remove, add, or rename shared printers 
and print servers on local networks. 

Give It a Trial Run 

If you provide local printer support to mobile 
users who visit multiple company sites, auto¬ 
mating printer assignment with Address¬ 
BasedPrinter.vbs is probably well worth a 
trial run. You'll likely reduce the amount of 
time you spend providing printer support to 
mobile users. Plus, mobile users' productivity 
will likely increase because they'll no longer 
have to wait for printer support. ^ 
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Exchange Server 2007 SP1 Resurrects 



[Editor's Note: The author has provided five screencasts to accompany this article. You can 
view the Create a New Public Folder Database, Create Public Folders Using the Public Folder 
Management Console, Mail-Enable Public Folders, Configure Public Folder Database Proper¬ 
ties, and Configure Individual Public Folder Settings screencasts at InstantDoc ID 100970. ] 

M icrosoft Exchange Server 2007 released to manufacturing amidst a swirl 
of rumors about public folders. First, customers began to notice that 
whereas previous versions of Microsoft Outlook required a public folder 
structure to function, Outlook 2007 clients don't require them at all. 
Then, a post on the "You Had Me at EHLO" Exchange Team blog site 
suggested that Microsoft would prolong public folder support, but also 
that the company was "de-emphasizing” public folders—leading some customers to start 
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■ PUBLIC FOLDER MANAGEMENT 


buzzing about alternative solutions, such as 
SharePoint. But the strongest indication that 
Microsoft was pushing public folders aside 
was the fact that users could administer 
Exchange 2007's public folder structure only 
from Exchange Management Shell (EMS). 
Suddenly, a GUI-supported technology in 
Exchange 2003 (and earlier) was gone, and 
that development really stirred the com¬ 
munity. To put people at ease, the Exchange 
Team explained that public folders weren't 
dead, although they would be supported for 
only 10 more years. (See the Learning Path 
for Microsoft guidance on public folders.) 

So, you don't need to be too worried and 
rush into the arms of SharePoint just yet. You 
have time to consider your decisions. In fact, 
the recent release of Exchange 2007 SP1 will 
probably ease your mind. If the lack of a GUI 
tool for managing the public folder structure 
is a concern for you, you'll be happy to know 
that Microsoft has corrected the problem in 
SP1 by including a new tool called the Public 
Folder Management Console. 

In a moment, we’ll look at the control 
SP1 gives you over public folders from both 
Exchange Management Console's (EMC's) 
Server Configuration work center node and 
the Public Folder Management Console. But 
first, one more helpful capability that SP1 
provides is a new administrator role called 


the Exchange Public Folder Administrator. 
You can use this role to assign administrative 
permissions over public folders to a user or 
a group. To locate these permissions, select 
the Organization Configuration work center 
from the EMC navigation tree. In the Result 
pane, you'll see the Exchange Administrators 
tab. Click the tab, then click Add Exchange 
Administrator to begin the wizard. 

The Server Configuration Work 
Center 

Creating a new public folder database isn't 
difficult. You can do it during the installation 
of your first Exchange 2007 server: Simply 
specify that you have pre-Outlook 2007 or 
Eudora clients (which require a public folder 
database to function), and Exchange will 
install the database for you. If you need to 
create a new public folder database after 
installation, you'd use EMC by expanding 
the Server Configuration node and selecting 
or creating the storage group in which you 
want to put the public folder database. From 
the Actions pane, you can choose New Public 
Folder Database to begin the wizard. You can 
specify a name and location for the Exchange 
database (.edb) file, and you can leave the 
Mount this database option selected or clear 
it if you want to hold off on the mounting 
process. After you click New, the system will 
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Figure 1 :The Server Configuration work center's Replication tab 


create the database. You can perform the 
same task through EMS by typing 

New-PublicFolderDatabase 
-Name "Name_of_Database" 

-StorageGroup "Name_of_Storage_ 
Group" 

where Name_of_Database is the database 
name and Name_of_Storage_Group is the 
storage group name. 

Before you add any folders 
to the database, you can config¬ 
ure database settings that will 
apply to those folders. Doing 
so is often wise because you 
might want to manage settings 
in bulk rather than on individ¬ 
ual folders. Select the database 
and choose Properties from the 
Actions pane. You'll see four 
tabs. 

The General tab. The Gen¬ 
eral tab provides basic infor¬ 
mation about the database, 
including the most recent full 
and incremental backups and 
the status. A section called 
Maintenance Schedule config¬ 
ures automatic daily mainte¬ 
nance, purging items that have 
been deleted, defragmenting 
the database, cleaning up white 
space, and so on. You can adjust 
the schedule. 
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Figure 2:The Public Folder Management Console 


The Replication tab. On 
the Replication tab, which you 
can see in Figure 1, the Replica¬ 
tion interval field determines 
how often public folders will 
be replicated. You can disable 
replication completely, change 
the time frame, and even cus¬ 
tomize the replication sched¬ 
ule. The default setting, Always 
Run, replicates public folders at 
the frequency specified in the 
Replication interval for “Always 
Run” (minutes) field. Replication 
message size limit (KB) specifies 
the size limit for a replication 
message. The system will group 
small items into a single replica¬ 
tion message but handle larger 
items differently. 

The Limits tab. The Limits tab sets storage 
limits, deletion settings, and age limits. Stor¬ 
age limits lets you configure mailbox size lim¬ 
its and issue warnings to users who exceed a 
threshold; you can even prohibit sending and 
receiving messages beyond a certain point. 
You can also allow for maximum post size 
(the default is 10MB). The Warning-message 
interval setting lets you configure when mail¬ 
boxes are scanned for compliance. 

Use Deletion settings to specify how 
long mailboxes are retained before they are 
purged—the default is 14 days. The Do not 
permanently delete items until the database 
has been backed up check box is somewhat 
unnecessary if you have a 14-day retention 
time. Hopefully, you back up more fre¬ 
quently than that, but if you alter the sched¬ 
ule, you might want to enable this setting. 

Age limits lets you configure an age for 
the database (from 0 to 24,855 days) and 
applies to all folders in the database. When 
the items in a folder reach the specified age, 
Exchange deletes them. One benefit of using 
age limits is that, if you're using the public 
folder database to collect automated mes¬ 
sages or spam, you can have the messages 
deleted automatically. 

The Public Folder Referral tab. The 
Public Folder Referral tab configures the 
folder replica that the client application will 
ultimately access. The way referrals work 
is that when a client tries to open a public 
folder, the server determines where the 
contents should come from. Ordinarily, you 
have several replicas of your public folders 


(although a small environment might have 
only a single location). When the server 
determines the best replica to offer, it gives 
the client a referral. If a replica exists on 
the local server, Exchange uses the local 
replica; if not, it looks in the same Active 
Directory site unless you specify otherwise 
on this tab. The default setting on this tab is 
Use Active Directory site costs. Alternatively, 
you can create a custom list of sites for 
Exchange to use. 

The Public Folder Management 
Console 

Before SP1, creating public folders with 
Exchange 2007 required working with 
EMS and—with the proper permissions 
assigned—the Outlook client. Without a 
GUI, you could get a bit frustrated with the 
inability to intuitively discover certain func¬ 
tions. You had to know exactly what you 
were doing in EMS, and not just with simple 
folder creation but also with more complex 
tasks such as public folder management, 
which might include folder-specific settings 
that override the database settings we just 
discussed or might involve the configuration 
of replicas. In fact, if you were transitioning 
from Exchange 2003 to 2007, I would have 
recommended using the Exchange 2007 
management tools—except when it came 
to replicating the public folder data. Work¬ 
ing with the System Manager in Exchange 
2003 was just easier. But SPl’s Public Folder 
Management Console changes all that. 

YouTl find the Public Folder Manage¬ 


ment Console in the Toolbox options of 
EMC’s navigation tree. When you open the 
tool, it opens a separate console that displays 
two groups of folders—Default Public Fold¬ 
ers and System Public Folders—as you can 
see in Figure 2. If you select Default Public 
Folders, you get a few options, one of which 
is New Public Folder (in the Actions pane). 
If you click the link to begin the wizard, the 
system prompts you for a folder name. You 
can create top-level folders, or you can nest 
one folder inside another. 

If you select an existing public folder, 
you'll see in the Actions pane that you can 
update content (allowing the folder to be 
updated immediately from all other repli¬ 
cas should a user on a different server add 
content to the folder), mail-enable the folder 
(public folders can receive posts from users 
but must be mail-enabled in order to receive 
email messages), or remove the folder. You 
can also access the folder's Properties. A 
folder's Properties page displays a three- 
tabbed dialog box. 

The General tab. The General tab on 
the Properties page shows you standard 
information such as the size of the folder, the 
total number of items, and when the folder 
was most recently modified. The Maintain 
per-user read and unread information for 
this folder check box, which is selected by 
default, lets a user see whether a message 
has been read or remains unread in Out¬ 
look. 

The Replication tab. On the Replication 
tab, you can choose other servers (if you have 
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Figure 3:The Public Folder Management Console's Replication tab 


them) to hold replicas of your public folders, 
as Figure 3 shows. Imagine that you have sev¬ 
eral branch offices around the world and that 
users everywhere need to access the same 
information. If all the data resides in just 
one location, you're looking at a ton of extra 
traffic at that location. However, creating 
replicas (not necessarily of every folder, but 
of folders that are interesting on the global 
level) in appropriate locations can reduce 
traffic and improve performance. You can 
adjust the replication schedule or simply go 
with the schedule already established on the 
database. You can also specify a local replica 
age limit (in days). 

The Limits tab. The Limits tab lets you 
either use the default database quota, item 
retention, and age limits on the folder or 
choose a different set of limits to use. For 
example, you might decide that a particular 
folder requires a maximum item size for 
posts because of its content or that another 
folder requires a different age limit before 
content expires. 

What Can SharePoint Offer You 
Now? 

Now that you know what SP1 brings to the 
table, what do you want to do with your 
existing public folder structure? If you don't 
have one and you're building an organiza¬ 
tion from the ground up, will you still use 
public folders? Or will you take the plunge 
into SharePoint? 


You might be thinking primarily of cost. 
Although SharePoint's most mature, sup¬ 
ported, and expensive version is Microsoft 
Office SharePoint Server (MOSS) 2007, you 
don’t need to use MOSS. The free Windows 
SharePoint Services version of SharePoint 
has most of the features you need to pro¬ 
vide a document library and collaboration 


services for your users. So, cost might not 
be the most pressing factor. Or, considering 
the stability of public folders—proven over 
many years—you might be concerned about 
the relative newness of the SharePoint ser¬ 
vice offerings and prefer to stick with your 
public folder structure a little longer, until 
you can see what Microsoft develops next 
for SharePoint. 

But Microsoft wants you to know what 
SharePoint can offer you now. Team Work¬ 
spaces let teams collaborate and communi¬ 
cate easily; Document Management offers 
versioning and other modem document- 
management features such as check-in 
and check-out for documents, as well as 


automatic notifications of con¬ 
tent changes; and Workflow 
Applications are templates that 
you can customize to provide 
precisely what you need. Above 
all, Microsoft recommends that 
you consider a middle ground 
in which you begin using Share- 
Point now, so that you can see 
whether it might suit your 
needs, and prepare your orga¬ 
nization for an eventual migra¬ 
tion, however far in the future 
that might be. 

Not Going Anywhere 
Soon 

The clamor was beginning for 
Microsoft to continue support¬ 
ing the public folder structure. 
But no one has said Microsoft 
can't support the use of public 
folders in Exchange deployments (forever, if 
necessary) while still promoting SharePoint. 
True, SharePoint has some terrific, forward- 
thinking features, but sometimes you just 
want a public folder structure. 

Public folders shouldn't be threatened 
with extinction in favor of an entirely new 
product, when the two technologies can 


work side-by-side seamlessly. At least in 
SP1, Microsoft has given us the tools we 
need to easily do our job of managing 
public folders through the Public Folder 
Management Console. ^ 
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In SP1, Microsoft has given us the tools 
we need to easily do our job of managing 
public folders through the Public Folder 
Management Console. 
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Working with 

PowerShell's 
Data Types 


I n Windows PowerShell, the data your statements retrieve, 
pass to other statements, and output to the console must 
conform to the Microsoft .NET Framework data types. For 
the most part, PowerShell automatically assigns and con¬ 
verts data to its correct data type. However, at times, you 
might want to control this process to create statements 
that better use the data you have available. Let's look at how to 
work with several types of data and how to cast and convert data 
to specific data types when needed. 

Working with Strings 

Administrators often work with data that's in the form of 
strings, and working with strings is a straightforward process 
in PowerShell. For example, the following code assigns 
the string “cat" to the $a variable, then displays the result, 
which is cat: 

Sa = "cat"; $a 

Because the code assigns a string to $a, PowerShell auto¬ 
matically casts $a with the System.String type. 

You can use the GetType method and its FullName 
property to determine a variable's data type. For example, 
the command 

Sa.GetTypeO.FullName 

returns the result System.String. 

To add strings together, you use the plus (+) operator. For instance, the following code 
adds the string " & dog " (including spaces) to $a, then displays the result, which is cat & 
dog: 



$a = $a 


& dog 


$a 


You can add a numerical value to a string. When you do this, the number is automatically 
converted to a string. For example, the following code adds 10 to $a, then displays the result, 
which is cat & dog 10: 

S a = $ a + 10; S a 
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If you were to verify the data type, it would 
still be String. For more information about 
working with strings, see “PowerShell 101, 
Lesson 4," May 2008, InstantDoc I D 98447. 

Working with Numbers 

Like string data, numerical data is simple 
to work with in PowerShell. You assign 
numerical values as you would string val¬ 
ues, except that you don't enclose numeri¬ 
cal values in quotes. When you specify a 
numerical value, PowerShell automatically 
assigns one of four data types to that value 
(unless you're concatenating the numerical 
value to a string, as you saw in the previous 
example): 

• System.Int32, which is a 32-bit integer 
(/ int] alias). 

• System.Int64, which is a 64-bit integer 
{[long] alias). 

• System.Double, which is an 8-byte, 
floating-point decimal {[double] alias). 

• System.Decimal, which is a 12-byte dec¬ 
imal {[decimal] alias). Decimal provides 
more precision than Double. 

The following statements demonstrate 
how PowerShell assigns data types to 
numerical values: 

$a = 1234; $a 
$a.GetType().FullName 
$a = 12345678910; $a 


different data types 


Sa.GetTypeO.FullName 
Sa = 1234.5678; Sa 
$a.GetType().FullName 
Sa = 1234.5678d; Sa 
Sa.GetTypeO.FullName 

As Figure 1 shows, PowerShell assigns a data 
type to the first three variables based on the 
value. However, to assign the Decimal type, 
you must specify the letter d directly after 
the number; otherwise, PowerShell treats 
the value as a Double type. 

You can use the plus operator to join 
numerical values. When you do so, the 
numerical values are added, not concat¬ 
enated as they are with string values. For 
example, the following statements assign 
1234 to $a, then add 1.5678 to $a: 

$a = 1234; $a 
Sa.GetTypeO.FullName 
$a = $a + 1.5678; Sa 
Sa.GetTypeO.FullName 

As Figure 2 shows, PowerShell adds the 
two values together and automatically con¬ 
verts the variable's data type from Int32 to 
Double. 

If you try to add a string that isn't a 
number to a numerical value, you'll receive 
an error. PowerShell can't convert non¬ 
numeric string values into numerical values. 
For example, you can add the string "4" to a 
numerical value, but you can't add "four." 

Working with Arrays 

Arrays are collections that have the System 
.Object[] type. The [] after the data type lets 
you know that it's an array with multiple 
values. PowerShell automatically assigns 
the Object[] type to arrays. For instance, 
the code 

$a = "a'Y'b'Y'c"; Sa 

creates an array with three string values, 
then returns the results 

a 

b 

c 

You use an array's index number to 
access the individual values in the array. 
Arrays use a 0-based index, so to access 
the first value, you specify the array's name 
followed by the index number in brackets, 
as in 

Sa [0] 


X Windows PowerShell 


IPS C:\> $a = 1234; $a 
1234 

IPS C:Y> Sa.GetTypeO .FullName 
System.Int32 

PS C:S> Sa = 12345678910; Sa 
12345678910 

IPS C:Y> Sa.GetTypeO .FullName 
System.Int64 

IPS C:\> Sa = 1234.5678; Sa 

1234.5678 

|PS C:Y> Sa.GetTypeO .FullName 
ISystem.Double 

IPS C:S> Sa = 1234.5678d; Sa 

1234.5678 

IPS C:\> Sa.GetTypeO .FullName 
iSys tern. Decimal 
IPS C:S> _ 


Figure 1: Assigning data types to numerical data 


X Windows PowerShell 


PS C:\> Sa = 1234; Sa 
1234 

IPS C:\> Sa.GetTypeO .FullName 
jSystem. Int32 

IPS C:\> Sa = Sa + 1.5678; Sa 

1235.5678 

PS C:\> Sa.GetTypeO .FullName 

System.Double 

PS C:\> 


Figure 2: Adding two numerical values that have 
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This statement returns the result a. If you 
want to access more than one value, you just 
include as many statements as you need. 
For example, the statements 

$a[1]; $a[2] 

return the results 

b 

c 


You can use the plus operator to add a 
value to an array. For instance, the code 

$a = Sa + "d"; Sa 

adds d to the $a array, then displays the 
results 

a 

b 

c 

d 

When d is added to the array, PowerShell 
assigns the next available index number (3) 
to that value. 

You can assign numerical values to an 
array as easily as you assign string values. 
For example, the command 

Sa = 1,2,3; Sa 

returns the results 

1 

2 

3 

Once again, PowerShell assigns the Object[] 
type to the array. 

You can include any type of numerical 
value in an array. For example, the following 
code assigns an integer value (1) and two 
decimal values (2.2 and 3.33) to $a: 

Sa = 1,2.2,3.33; Sa 

In fact, you can add any type of value to an 
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X Windows PowerS hell 


PS C:\> $a = 10, "cat", <Get-Date>; $a 
10 


Wednesday, June 11, 2008 5:11:03 PM 


PS C:S> $a.GetTypeO .FullNane 
Systen.Object[3 
PS C:\> 

PS C:\> $a[03.GetTypeO .FullName 
System.Int32 

PS C:\> $a[l 3 .GetTypeO .FullName 
Systen.String 

PS C:S> $a[23.GetTypeO.FullName 
Systen.Date!ine 
PS C:N> 

PS C:\> $a[2 3 = "dog"; $a 

10 

cat 

dog 

PS C:\> $a [2 3. GetTypeO. FullName 
System.String 
PS C:S> 

PS C:S> 


Figure 3: Combining values with different data types in an array 



Figure 5: Adding a key/value pair to a hash table 


array. For instance, the following code cre¬ 
ates an array that includes a numerical value 
(10), a string value ("cat"), and a date-time 
value (the current date and time, which is 
obtained with the Get-Date cmdlet): 

Sa = 10, "cat", (Get-Date); $a 
Sa.GetType().Ful1 Name 

As Figure 3 shows, the array type is Object[]. 
However, the data types of the individual 
values remain specific to those values. You 


can return the individual values' 
types with statements such as 

$a[0].GetType().Ful1 Name 
$a[1] .GetTypeO . FullName 
$a[2] .GetTypeO . FullName 

Each statement uses the index 
number to identify the value, 
then uses GetType to retrieve 
the value's type. Figure 3 shows 
the results. 

To change a value in an 
array, you specify the value's 
index number and assign the 
new value, as in 

$a[2] = "dog"; $a 
$a[2] .GetTypeO . FullName 

PowerShell replaces the value 
and assigns the correct type to 
that value, as shown in Figure 
3. 

Working with Hash Tables 

Hash tables are collections that 
take the System.Collections 
.Hashtable data type. The pri¬ 
mary difference between hash 
tables and arrays is that hash 
tables use named keys rather 
than index numbers to identify 
values. For example, the fol¬ 
lowing code assigns three keys 
and their values to the $a hash 
table, then displays that table's 
contents and data type: 

$a = @{b="bird"; c="cat"; 
d="dog"} 

$a 

$a.GetTypeO. FullName 

As the first line shows, you create 
a hash table by using the @ sym¬ 
bol followed by a set of braces 
that enclose the collection of 
key/value pairs. The first key/value pair is 
b/bird, as Figure 4 shows. 

You can retrieve a list of the keys in a 
hash table by using the Keys property. For 
example, the statement 

$a.Keys | sort 

retrieves the $a hash table's keys, then uses 
the Sort-Object cmdlet (referenced with the 
sort alias) to sort the keys alphabetically. 
Similarly, you can use the Values property 


to retrieve a hash table's values, as this state¬ 
ment shows: 

$a.Values | sort 

You can also retrieve an individual value 
by referencing the key, with a statement 
such as 

$a.b 

Figure 4 shows the results of these last three 
statements. 

To add a key/value pair to a hash table, 
you can reference the new key as you would 
an existing key, then provide the new key's 
value, as in 

$a = @{b="bird"; c="cat"; d="dog"} 

$a.e = "elephant"; $a 

As Figure 5 shows, the key/value pair of e/ 
elephant is added. 

PowerShell does 
most of the work 
when it comes to 
assigning and 
converting data 
types, but you can 
override this 
behavior. 


To change the value of an existing key, 
you reference the key and provide the new 
value, as in 

$a = @{b="bird"; c="cat"; d="dog"}; Sa 
Sa.d = "dingo"; Sa 

This code changes the d/dog pair to d/ 
dingo. 

To remove a lcey/value pair, you use the 
Remove method. For example, to remove 
the d/dingo pair, you'd use code such as 

Sa.remove("d"); Sa 

Casting and Converting Data Types 

At times, you might want to control the data 
type assigned to a scalar (i.e., single) value. 
For example, suppose you need to make 
sure the value 10 is treated as a numerical 
value and not a string. You can use the fol- 
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PS C:\> $e = Get-Date 
|PS C:\> $e.GetTypeO .FullName 
System.DateTine 
jPS C:\> $e = [string] $e 
PS C:\> Se.GetTypeO.FullName 
System.String 
PS C:N> 

IPS C:\> Sf = [doublem <"1", "2'', "30 
;PS C:\> $f .GetTypeO .FullName 
System.Double[] 

IPS C=N> Sf = [string[]] Sf 
iPS C:\> $f .GetTypeO .FullName 
System.String[] 

PS C:\> 

IPS C = N> 


Figure 8: Converting data types for scalar values and arrays 


lowing code to create a variable that holds a 
Double-type value, even though the initial 
value is a string: 

$a = [double] "10" 

$a.GetType().Ful 1 Name 

Notice that you specify the Double type 
before the value. As Figure 6 shows, you can 
achieve the same results with the code 

[double] $b = "10" 

$a.GetType().Ful 1 Name 

However, there's a difference between the 
two approaches. The first approach simply 
changes the value to the Double type. The 
second approach strongly types the variable, 
which means you can assign only values 
with the same data type to that variable. You 
can test this difference by trying to assign a 
string to the $a and $b variables: 

$a = "ten"; Sa 
Sb = "ten" 

As Figure 6 shows, you can assign a string to 
$a but not to $b. 

You can also control the data type 
assigned to an array. For example, the code 

$c = [doublet]] ("1","2","3") 

$c.GetType().Ful1 Name 

assigns the Double [] type to the $c array, 


overriding the default 
Object[] type. The [] denotes 
it's still an array with mul¬ 
tiple values. As Figure 7 
shows, the following code 
achieves the same results: 

[double[]] $d = 

("1","2","3") 

$d.GetTypeO . Ful 1 Name 

Unlike scalar values, arrays 
are strongly typed by both 
approaches. For example, if 
you try to change one of the 
values to a string with the 
statements 

$c[2] = "ten" 

$d[2] = "ten" 

the statements will fail (see Figure 7). 

There might be times when you need 
to convert an existing variable's data type. 
For instance, suppose you need to convert 
a date-time variable to a string variable. You 
can use code such as 

Se = Get-Date 
Se.GetTypeO . Ful 1 Name 
Se = [string] Se 
Se.GetTypeO.FullName 


You can take a similar approach with 
an array. The following code creates a 
Double []-type array, converts the array to 
the String[] type, and reassigns the values 
back to the array: 

Sf = [doublet]] ("1","2","3") 

Sf.GetType().Ful1 Name 
Sf = [string[]] Sf 
Sf.GetType().Ful1 Name 

As you can see in Figure 8, the variable's data 
type is now String []. 

Even if an array's values are different data 
types, you can convert them all to one type 
with code such as 

$g = 10, "ten", (Get-Date) 

$g = [string[]] $g 

When you convert the array's data type to 
String [], PowerShell converts all the values 
to strings. 

Let PowerShell Do the 
Work—Or Not 

As you've seen in this lesson, PowerShell 
does most of the work when it comes to 
assigning and converting data types. How¬ 
ever, you can cast and convert data to 
override this behavior in order to create 
statements that can better use the available 
data. ^ 
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In this code, the $e variable initially contains 
the value returned by 
the Get-Date cmdlet. 
The code then con¬ 
verts the variable to 
the String type and 
reassigns the value 
back to the variable. 
As Figure 8 shows, 
PowerShell changed 
the variable to the 
String type. 

Figure 6: Casting data types for scalar values 



Figure 7: Casting data types for arrays 
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C:\> Sa = [double] "10" 
C:\> Sa.GetTypeO .FullName 
ten.Double 

C:\> 

C:\> [double] Sb = "10" 
C:\> Sa.GetType O .FullName 
ten.Double 

C:\> 

C:\> Sa = "ten"; Sa 
C:\> Sb = 

not convert valu e "ten l 
line::! char:3 
b «« - 
C:\> _ 
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WHEN 

March 26,2009 and April 30,2009 

WHERE 

Your computer 

COST 

$99 each day (only $89 each if you 
register for both!) 

LESSONS 

March 26 

11:00 am EOT - SQL Server Basics 
12:30 pm EOT - SQL Server Administration 
2:00 pm EOT - SQL Server High Availability 

April 30 

11:00 am EOT - SQL Server Performance 
12:30 pm EOT - SQL Server Security 
2:00 pm EOT - Planning New SQL Server 
Oeployments 

HOW 

Register at www.WindowslTPro.com/go/ 
elearnling/SQLServerforN o n D Bs 


Hit the Ground Running with 
SQL Server Basics! 

Join SQL MVP Allan Hirt on March 26,20Q9 and April 30, 
2009 for 6 fundamental SQL Server lessons tailored to 
pros new to SQL, plus live Q&A sessions—all on your own 
computer! Learn howto plan, deploy, and administer SQL 
Server (includes aspects of SQL Server 2000, SQL Server 
2005, and SQL Server 2008). Whether you’re new to 
database administration or expanding your knowledge from 
another RDBMS, this series is your SQL Server solution. 


INSTRUCTOR 


Allan Hirt has been consulting, training, 
developing content, speaking at events, 
and authoring books, whitepapers, and 
articles related to SQL Server for the past 
IQ years. Allan is the author of the 
upcoming book Pro SQL Server2008 
Failover Clustering impress), due to be published in the 
spring of 2009. 



Learn more about the speaker, sessions, 
and how to reserve your seat at: 
www.WindowslTPro.com/go/elearning/ 
SQLServerforNonDBs 
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Introducing an integrated approach to complete 
SharePoint protection and management 


DocAve™ Software for SharePoint 
Changing the way Administrators manage SharePoint 



Backup & Recovery 


Administration & Replication 


Compliance 

Migration to SharePoint 


SharePoint management made simple. 

Now you can control and manage the back-end of 
all your SharePoint environments from one place. 
DocAve is the only truly integrated, easy-to-use 
software that offers a complete set of SharePoint 
backup, recovery, and administration tools. One 
solution, with many mix-and-match functions, 
now gives you power like never before. 


Complete SharePoint protection. 

With item-level backup and full-fidelity restore, 
DocAve allows for fast recovery of business critical 
documents and content. Complete SharePoint 
platform backup allows for quick and painless 
recovery of the entire system during a disaster. 
With DocAve, you’ll have complete confidence 
in your SharePoint environment. 



AvePoint 


Call 1-800-661-6588 or visit wwwAvePoint.com for 
more information or to download a free trial. 


© AvePoint, Inc. All rights reserved. DocAve, AvePoint, and the AvePoint logo are trademarks of AvePoint, Inc. All other names mentioned are property of their respective owners. 






Publishing 

Microsoft 
Office Links 
^SharePoint 
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officesharepointpro.com 

Learn the gritty 
details of how links 
from Microsoft Office 
SharePoint Server 
2007 find their way 
into Office 2007 

by Kevin Laahs 


B oth Windows SharePoint Services (WSS) 3.0 and 
Microsoft Office SharePoint Server (MOSS) 2007 
have many integration points with Microsoft Office 
2007. For example, Microsoft Office Outlook 2007 can 
synchronize lists for read/write access and Microsoft 
Office Word 2007 can edit offline documents. As 
SharePoint use grows, end users find themselves with many sites, 
libraries, and lists, and keeping tabs on all of them becomes a 
chore. It's possible to manually create links in My Network Places 
to SharePoint sites, but maintaining these Network Places is so time 
consuming it eventually defeats the original intention of making it 
easy to locate the sites you most commonly work in. 

MOSS, in conjunction with Office 2007 applications, helps ease 
this pain by automatically maintaining links to various sites and 
libraries. These links surface in different locations and serve multiple 
purposes. Some links appear in the Open and Save dialog boxes, 


some surface in Outlook for automatic synchronization and offline 
editing of your personal documents, and others help display a user's 
public My Site page. By learning how MOSS maintains links and 
how they find their way into Office applications, you'll provide your 
users the most bang for their buck and be able to fix things if they 
go awry. 

MOSS and My SharePoint Sites 

Publishing links into Office applications is closely related to the 
My Site features in MOSS, so the information in this article doesn't 
apply to a WSS implementation. You manage MOSS mostly through 
the Shared Services Administration site. 

One of the core pieces of the SharePoint integration jigsaw 
is MOSS's ability to maintain a list of all the SharePoint sites to 
which you have access. More specifically, MOSS can list all sites to 
which you've been granted explicit access through the Members 

group. MOSS main¬ 
tains knowledge 
of the members of 
team sites and pre¬ 
sents this informa¬ 
tion through a user's 
My Site, as shown in 
Figure 1. Member¬ 
ship information 
surfaces in multiple 
places: SharePoint 
Sites on your private 
page, documents 
and memberships 
on your public page, 
and the My Share- 
Point Sites section 
of My Links, which 



Figure 1: Membership information on a My Site 


www.windowsitpro.com 


We're in IT with You 


Windows IT Pro 


MARCH 2009 41 





























■ SHAREPOINT OFFICE LINKS 



Tircilinrci 'riur "vVnr , r -r| PuMirhr - 1,-1 r n C ~ r i-, c | lm 


\_ m J 

Published links to Office client applications 


‘■yw a Hto&rta* 

ia Centra 

Ail nhrtlrrjl-ufi 

Uw llv Stf to Wr hi ***** rfwvrq tWM tttJwvjijy.Mini frQfHcij i vrJ- ■ | rii pfrAih^d h*-* r.-* 

mi* Ir* 1 *' tK'V+'Ki OHfinf -J’-tl r-T-*v| tfrapw* '. l ;t to ■l-r-'yTr I Hi --t»; 

It IJWTP 



i*tn * MlWu *■ :-rtLr<a ■ *c<-> Alik** 


MviwO'dlian 

' PI Vi*! in+PHlJ 


■ SBrtSffflOBl 

^ Lfcrjrv fm 


ilci T Uf bill 

.Jj Qifv luttq fliuiai Ltr-M-y Vw 



_j| rtq Imlta Vai 




■ 


Figure 2: Publishing links to Office applications 

appears on all SharePoint sites if youVe 
enabled it. This membership information 
gives you one-click access to the team sites 
that are important to you and lets others 
who view your public profile see which sites 
you are both members of. 

When your Active Directory (AD) account 
has been explicitly added to the SharePoint 
group that represents the members of a 
particular site, that 
site appears in all 
these places. The 
site Members group 
gives members the 
right to contribute to 
the site. By default, 
this SharePoint 
group is called “site- 
name Members.” 

It's not commonly 
known, but you can 
override this default 
and designate any 
group within the site 
to be the members 
group. Anyone with 
owner access can do 
so via Site Actions/ 

Site Settings/People 
and Groups/Settings/Set Up Groups. 

The requirement that you be a mem¬ 
ber of a site's Members group for that 
site to show in your My SharePoint Sites 
list is important, because there are many 
other ways users can be granted contribu¬ 
tor access to a SharePoint site. For example, 
owners of team sites have contributor access 
but don't appear in the Members group, so 
those team sites don't appear in the own¬ 
ers' My SharePoint Sites lists. In such cases, 
you might want to add owners explicitly to 
the Members group. Another example is a 
security group that you add to the Members 
group. Although members of the security 


group are members of the team site, the 
team site won't appear in the My SharePoint 
Sites lists of members of the security group. 

The My SharePoint Sites list requires your 
account to have an entry in the SharePoint 
user profile and be maintained by a back¬ 
ground profile synchronization task, which 
runs hourly by default. You can change the 
frequency of this task using the sync opera¬ 


tion of the Stsadm command-line utility 
(stsadm.exe). To change the frequency to 
every 5 minutes, use the command 

Stsadm -o sync -synctiming 

"every 5 minutes between 0 and 59" 

Note that it isn't necessary to create a My 
Site for My SharePoint Sites to appear in the 
My Links part of any SharePoint page, but 
as you'll see, you must create a My Site to 
have links published to Office applications. 
The My SharePoint Sites links are stored 
in the Shared Services database in a table 
called UserMemberships, and any links you 
manually create via your My Links are stored 
in the table called UserLinks. 


MOSS—Publishing Links 
to Office Applications 

You can configure MOSS to pub¬ 
lish explicit links to sites and 
libraries, in addition to having 
it maintain the list of My Share- 
Point Sites. You can target these 
links to audiences, AD distribu¬ 
tion and security groups, or any¬ 
one who has access to the site the 
link points to. The links that you 
publish here ultimately find their 
way into the Open and Save dialog boxes 
along with those from your My SharePoint 
Sites list. Targeting a link to users and groups 
that have access to the team site gives new 
site users a great way to navigate to libraries 
within a site by using the Open and Save 
dialog boxes in Office applications. 

You maintain the list of published links 
by using the Published links to Office client 


applications option from Shared Services 
Administration, as shown in Figure 2. The 
list of links specified here is stored in the 
SharedListSync table in the Shared Services 
database. When you create a link in this 
list, you can specify whether the link is for 
all users or for targeted users by specifying 
audiences, AD groups, or members of the 
team site to which the link relates. 

Connecting Office to SharePoint via 
My Site 

The connection between Office applications 
and the links that SharePoint maintains 
is initiated from the user's My Site. When 
the user visits My Site, SharePoint checks 



Figure 3: Setting default My Site 
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Figure 4: Links written to registry 

whether a current connection exists to any 
My Site and, if it does, whether the connec¬ 
tion is to the same site the user is currently 
viewing. SharePoint makes this determi¬ 
nation by interrogating the local registry 
using the PortalConnectl2.PersonalSite.l or 
PortalConnect.PersonalSite.l ActiveX con¬ 
trol, which is installed with Office 2007 and 
Office 2003, respectively. 

The registry subkey that's interrogated 
for Windows XP is HI<EY_CURRENT_USER\ 
Software\Microsoft\Office\12.0\Common\ 
Portal\PersonalSiteURL. If the subkey value 
is missing or doesn't point to the site you're 
viewing, you're given the option to make the 
site your default My Site. Setting the default 
site brings up a dialog informing you that 
Office can remember your My Site in order 
to interact with it from Outlook and when 
opening and saving files, as shown in Figure 
3. If you continue, the registry subkey value 
is set to your My Site URL. This URL then 
acts as the conduit through which your My 
SharePoint Sites are populated for Office 
application use, as I explain a little later. 

SharePoint creates another registry 
value at HKEY_CURRENT_USER\Sofware\ 
Microsoft\Office\12.0\Common\Open 
Find\Places\UserDefinedPlaces\Personal 
Site\Path to show the My Site location in 
the Open and Save dialog boxes of Office 
applications. When you bring up the Open 
or Save dialog box in any Office 2007 appli- 
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Figure 5: File Open/Save links 
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cation or right-click a 
recipient in Outlook 
2007 to bring up the 
Persona menu, the 
application deter¬ 
mines whether a connection to My Site 
has been established. The application 
looks for the PersonalSiteURL value in the 
HKEY_CURRENT_USER\Software\Micro 
soft\Office\12.0\Common\Portal\ regis¬ 
try subkey. When this value exists, the 
application looks in the same subkey for 
a value called LinkPublishingTimeStamp. 
This value determines whether Office will 
ask SharePoint for an updated list of links. 
Office updates its links once a day, but you 
can force it to update by removing the Link¬ 
PublishingTimeStamp value. 

When an Office application's links need 
to be updated, the application calls the 
PublishedLinksService web service's GetLinks 
method, which stores the updated links 
in the registry subkey HKEY_CURRENT_ 
USER\Software\Microsoft\Office\12.0\ 
Common\Server Links\Published\My Site, 
as shown in Figure 4. Each value in this 
subkey represents a link of some sort, and 
how the value is used depends on the Link- 
Type value associated with the key. The key 
in Figure 4 will find its way into Outlook for 
synchronization using the stssync protocol. 
The Profile Site link subkey, also visible in 
Figure 4, triggers the View My Site option 
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in the Persona menu. Links for Open and 
Save dialog boxes are created on disk at 
Windows_proflle\Local Settings\Application 
Data\Microsoft\Office\My SharePoint Sites 
and subsequently displayed in the dialog 
boxes, as shown in Figure 5. 

Making SharePoint More Valuable 

It might not be immediately apparent to end 
users, but Office and SharePoint have some 
neat integration points. By understanding 
and using these integration points when 
implementing SharePoint, you'll draw the 
best experience and maximum value from 
your investment in this technology. Putting 
thought into areas such as how best to grant 
access rights to team sites can increase the 
usefulness of Office applications in conjunc¬ 
tion with SharePoint. ^ 
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Register for this FREE resource today at 

www.windowsitpro.com/go/WebSeminar/SharePointReplication 


Whether you're migrating, upgrading, or re-organizing, Metalogix 
SharePoint Site Migration Manager is the migration and upgrade tool 
you need. Using the Migration Manager's copy and paste interface, 
you can migrate SharePoint Sites, Lists and Libraries between servers 
with full fidelity; re-organize or re-template your SharePoint conten 
and manage your upgrade with zero downtime. 


Got SharePoint? I 5harePoint Replication Tips 


Then post your SharePoint solution here! 

Build brand awareness and preference with key SharePoint 
influences in our SharePoint Showcase section. 


Considerations for an Effective Information Sharing Strategy 

In this web seminar, learn howto effectively replicate in your SharePoint 
environment with key considerations such as conflict resolution for 
two-way replication, synchronization of content, configuration and 
securities, and optimizing network bandwidth consumption. 
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Realize the benefits of SharePoint in this 
web seminar, which will explore migration 
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effectively transfer content from Lotus Notes i 
and QuickPlace onto SharePoint 2007. 
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www.windowsitpro.com/go/WebSeminar/SharePointAdoption 


rackspace. 


HOSTING 

Rackspace Hosting offers flexible and customizable 
Sharepoint solutions backed by our Fanatical Support Promise™ 


Let us manage your IT needs. We are here 24x7x365, Live. 
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Best practices for Deploying 
Microsoft Office SharePoint Server 2007 


In this white paper, learn best practices along with considerations 
for deploying Office SharePoint Server 2007 with Hyper-V 

I on HP ProLiant servers and HP BladeSystem servers with 
sample configurations for typical Office SharePoint 
Server 2007 deployments when using Hyper-V. 


Register for this FREE resource today at 

www.windowsitpro.com/go/WhitePaper/SharePointDeployment 
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Bomgar Adds BlackBerry Help 
Desk Support 


As mobile devices continue to gain trac¬ 
tion, they are being treated with many 
of the same benefits and concerns of 
computers. Bomgar has added support 
for BlackBerry mobile devices to its cen¬ 
tralized Help desk platform. Bomgar's 
solution also supports Windows, Mac, 
Linux, and smartphone OSs. 

Bomgar also announced added sup¬ 
port and integration with HP Service 
Manager, as well as a "Bomgar Button" 
that enables a user in trouble to click 
an icon on the desktop and be instantly 
connected to the Help desk. "We can 
reach out over the Internet and fix a sys¬ 
tem," says CEO and founder Joel Bomgar. 
"A user doesn't have to figure out what 
number to call or what website to go to." 

Nathan McNeill, vice president of 
product strategy, cites a Verizon Business 
research report that found that organi¬ 
zations are four to five times more likely 
to be hacked through remote control 
solutions than through wireless net¬ 
works. Other remote control solutions, 
such as Software as a Service solutions, 
"introduce huge security and owner¬ 
ship hurdles. A vendor is storing your 
sensitive data. With an appliance, you 
host internally; data isn't routed through 
other vendors." 

"Enterprises are facing the need to 
reference and report on an incident. We 
added the ability to integrate with HR" 
says McNeill. "Basically you can have one 
incident that tracks across Bomgar and 
across HP." Bomgar has also enhanced 
the manageability of its product and 
added the ability to customize public 
portals, helpful for organizations need¬ 
ing to support multiple customers or 
products. To learn more, call 601-519- 
0123 or visit www.bomgar.com. 
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High-Speed File Transfer 


TCP is a chatty protocol, and when you're 
sending large data files across the Internet, 
it can get downright garrulous: Whenever 
a packet is dropped, all the data has to be 
re-sent. Two network engineers created a 
new application-layer protocol, fasp, and 
founded a company, Aspera, to combat 
this problem. Fasp doesn't require re¬ 
sending all the data—it sends only what's 
needed. Aspera also offers Aspera faspex 
Server 1.5, a digital package delivery 
system that enables users to send huge 
amounts of data to multiple groups, and 
a management console called Aspera 
Console that helps admins remotely 
manage Aspera servers and clients. To 
learn more, call 510-849-2386 or visit 
www.asperasoft.com. 


Additional services include BlackBerry and 
iPhone synchronization, Good Mobile Mes¬ 
saging for additional mobile device sup¬ 
port, and Secure Mail to send encrypted 
messages. BPS is available on a monthly 
contract priced at $ 15/user. To learn more, 
call 800-379-7729 or visi t www 
.intermedia.net. 


Free Tool Shows Group Policy 
Processing Status 
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SDM Software has released Group Policy 
Health, a free Windows PowerShell cmdlet 
that lets you check the status of Group 
Policy processing on remote systems. 

The product shows Group Policy process¬ 
ing status at a glance using a red-green 
color scheme—red means an error was 
returned, and green means processing suc¬ 
ceeded. It works on a single 
machine, all machines in 
an organizational unit (OU), 
or all machines in your 
domain and comes with a 
Help file explaining how 
to use it. To download the 
cmdlet, visit www.sdm 


software.com. 
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Better Email Archiving 
Through Easier 
Content Tagging 


Complete Messaging and 
Collaboration Solution 


Intermedia's Business Productivity Suite 

(BPS) provides a hosted, bundled set of 
Microsoft messaging products for small- 
to midsized businesses. BPS includes 
Microsoft Exchange Server 2007, Windows 
SharePoint Services, Microsoft Office Com¬ 
munications Server 2007, Microsoft Office 
Outlook 2007, and Microsoft Entourage 
2008, all with the full array of capabilities. 


Based on the concept that 
"not all email is equal," 
Mimosa Systems has 
added a new module to 


its NearPoint for Microsoft Exchange 
Server product: the NearPoint Retention 
and Classification Option. RCO aims to help 
lower storage costs and facilitate e-discov¬ 
ery by letting you set policies to archive 
only certain items. You can also specify the 
length of time that different classes of mes¬ 
sages will be retained and set policies for 
already-archived content. For more infor¬ 
mation, email info@mimosasystems 
.com or visi t www.mimosasystems.com. ^ 


Jeff James | jjames@windowsitpro.com 

Editor's Note: Send new product announcements to products@windowsitpro.com. 
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REVIEWS 


Palm Treo Pro 

Read the full-length review _ 

_ nstantDoc I D 101199 . 


Palm has released the Palm Treo Pro, a 
sleek, modern smartphone that's blessed 
with a smart, attractive design and loaded 
with features, such as Wi-Fi support, GPS, a 
2-megapixel camera, and the ability to serve 
as a high-speed modem 
for a laptop. The Treo Pro 
features a thin, rounded- 
edge design that's easy 
on the eye and cool 
to the touch. The LCD 
screen is bright and clear, 
the keyboard buttons 
are easy to use, and all 
the other buttons and 
switches have smooth, 
beveled edges. 

Battery life was 
generally good during 
testing, lasting 6-8 active 
hours on a full charge. 
The 1500 mAh lithium- 
ion battery fully recharged in just a few 
hours, but the Treo Pro’s AC adapter and USB 
connector were a bit flimsy and insubstantial 
for a phone that costs more than $500. 

All of that attractive hardware is powered 
by Windows Mobile 6.1 Professional, the 
latest version of Microsoft's mobile device 
OS. Windows Mobile 6.1 Professional is a 
significant improvement over earlier versions 
of Windows Mobile and much easier to use. 
However, Windows Mobile isn't the strongest 
selling point of the Treo Pro. Compared with 
the iPhone and theT-Mobile G1 mobile OSs, 
which are designed from the ground up for 
mobile users and oriented around touch¬ 
screens and fingertip use, Windows Mobile 
seems archaic, with all the aforementioned 
Windows design elements relatively ill-suited 
for a mobile device. 

Usability gripes aside, the ease with 
which the Treo Pro can be integrated into an 
existing Windows Server-based IT environ¬ 
ment is a strong selling point. Pocket Outlook 


is the default email client, and pocket ver¬ 
sions of Microsoft Excel, Word, and Power¬ 
Point make it easy to edit Microsoft Office 
documents on the go. 

Microsoft ActiveSync is preinstalled on 
the device and makes it easy for adminis¬ 
trators to integrate the device with their 
Exchange environment. Windows Mobile 6.1 
also introduces support for Microsoft System 
Center Mobile Device Manager 2008, which 
lets administrators perform mobile manage¬ 
ment tasks such as instant remote wipe of 
lost devices, and has an improved mobile 
device inventory. Mobile Device Manager is a 
compelling product integration solution for 
IT administrators who have invested heavily 
in Microsoft System Center products and 
truly extends the usefulness of the device 
from a management perspective. 

Despite my griping to the contrary, 
Windows Mobile isn't a bad smartphone OS; 
in some ways—particularly with its strong 
Exchange integration—it's clearly a superior 
solution for the enterprise. But in terms of its 
usability and capabilities, Windows Mobile 
(and Microsoft) has a lot of catching up to do 
to become a market leader. Heavy users of 
Exchange in the enterprise can't go wrong 
with the Treo Pro, but less corporate-minded 
users will likely want to look elsewhere for 
their mobile device needs. ♦ 

InstantDoc I D 101199 

Palm Treo Pro 

PROS: Loaded with cutting-edge features; rock- 
solid integration with Microsoft Exchange; sleek, 
slim hardware design 

CONS: Window Mobile 6.1 can't match the supe¬ 
rior mobile OS offerings available via the iPhone, 
BlackBerry Storm, and T-Mobile G1; flimsy USB 
power cable and AC adapter 

RATING: ♦♦♦♦O 

PRICE: $549 

RECOMMENDATION: If you're looking for a 
Windows Mobile-based smartphone, the Palm 
Treo Pro is an excellent choice. Windows Mobile 
6.1 excels at enterprise integration, but flashier 
smartphone alternatives might fit the bill for less 
demanding email interoperability needs. 

CONTACT: Palm • 800-881-7256 * www.palm.com 



Jeff James | jjames@windowsitpro.com 
PaulThurrott | thurrott@windowsitpro.com 
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Paul’s Picks 

www.winsupersite.com K 

SUMMARIES of in-depth product reviews* 5 
on Paul Thurrott's SuperSite for Windows 

HP MediaSmart Server 
ex485/ex487 

PROS: Improved processor, RAM, and stor¬ 
age capacity; excellent bundled add-ons 

CONS: Is still single core; requires two or 
more drives for best performance 

RATING: ♦♦♦♦♦ 

RECOMMENDATION: HP's MediaSmart 
Server ex485 and ex487 home servers are 
truly viable for users of all kinds, with a bet¬ 
ter processor (Intel Celeron), dramatically 
more RAM (2GB, up from 512MB), and more 
storage (750GB in the ex485 and 1.5TB in the 
ex487) than earlier models. Users can aug¬ 
ment MediaSmart Server's Windows Home 
Server (WHS) capabilities with third-party 
add-ons, including Server Online Backup, 
which backs up data to Amazon's S3 cloud 
storage system, and HP Media Collector, 
which aggregates digital music, photos, and 
videos from connected PCs. If you're looking 
for a stylish and well-made WHS solution, this 
is likely your best bet. 

CONTACT: HP* www.hp.com 

DISCUSSION: www.winsupersite.com/ 
server/whs_hp_2009.asp 

Windows Live Essentials 

PROS: Diverse group of applications; excel¬ 
lent cross-app and cloud-based integration 

CONS: Email application gets bogged down 
on email-heavy servers; buggy Messenger 
application; MovieMaker incomplete 

RATING: ♦♦♦♦O 

RECOMMENDATION: Microsoft moved 
Windows Live Mail, Messenger, Movie Maker, 
and other apps out of Windows and into a 
free, downloadable suite called Windows Live 
Essentials. The suite includes a new Windows 
Live Toolbar for Microsoft Internet Explorer, 
a surprisingly excellent blog editor called 
Writer, and other utilities. Because these apps 
are no longer bundled in Windows, they can 
be updated more frequently and, for busi¬ 
nesses, ignored as needed. Movie Maker 
remains in beta at press time, but Microsoft 
says it's committed to regular updates. I like 
what I see so far. 

CONTACT: Microsoft • 800-426-9400 • www 
.microsoft.com 

DISCUSSION: www.winsu persite.com/l ive/ 
wlwave3_explained_03.asp 
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REVIEWS ■ 


Lansweeper 


Read the full-length review at _ 

pro.com, Instant Doc I D 101219. 

Lansweeper is an automated inventory, 
reporting, and PC administration tool. It can 
quickly give you complete reports on your 
company's server hardware and installed 
software, as well as an overview of problem 
areas, such as unauthorized administrators 
or almost-full hard disks. Lansweeper has 
rich reporting and license-compliance tools 
and is a terrific gateway for troubleshooting. 

Installation is straightforward, but a little 
preparation pays off. Because your techni¬ 
cians will use a web page for most adminis¬ 
trative tasks, you'll need to install Microsoft 
Internet Information Services on the server, 
then download and install .NET Framework 
2.0 and install and configure a back-end 
database to which Lansweeper can store 
network information. The database can be 
SQL Server 2000 or later or the free SQL 
Server Express Edition. 


An installation wizard walks you through 
the rest of the setup process, including con¬ 
necting to the back-end database, setting 
up an NT service that can scan the machines 
on the network, and configuring an admin¬ 
istration website. After Lansweeper scans 
just one PC, you can start viewing the 
reports through a web browser. 

The Digital dashboard lets you jump to 
software, hardware, server, general, and 
license-compliance reports.The overview 
page—which contains High priority, Impor¬ 
tant, and Informational sections—helps 
direct your attention to problems you need 
to address. An Action screen provides an 
overview of a specific, inventoried com¬ 
puter, but it also lets you perform basic 
troubleshooting steps called Custom 
Actions. Some of the built-in custom actions 
are Remote control, Event viewer, Ping, Trace- 
route, Delete old user profiles, Show open files, 
and Who's logged on. Some Lansweeper 
customers have written their own custom 


actions and shared them with other users 
on the company's online forum. 

Lansweeper is inexpensive, and it just 
works. While testing it, I tried to root out 
deficiencies in the software or in usability, 
but found none. I recommend Lansweeper 
without reservation. Download the free ver¬ 
sion, and see if you agree. ^ 

InstantDoc ID 101219 


Lansweeper 

PROS: Includes useful troubleshooting tools for 
Help desk personnel; inexpensive price points put 
the product in reach of even the most budget- 
restricted administrator; Premium edition allows 
unlimited computers and administrators 
CONS: None 

RATING: ♦♦♦♦♦ 

PRICE: Free basic version; $150 for Premium 
edition 

RECOMMENDATION: Highly recommended 
for budget-conscious companies looking for a 
feature-rich inventory and troubleshooting tool. 
CONTACT: Lansweeper • www.lansweeper.com 


Parallels Virtuozzo Containers 


Read the full-length review _ 

pro.com, InstantDoc I D 101183. 


Unlike VMware's ESX Server or Microsoft's 
Hyper-V, which virtualize the hardware level, 
Parallels Virtuozzo Containers 4.0 virtual¬ 
izes at the OS level. OS virtualization offers 
lower overhead: All containers (Parallels' 
term for virtual machines) share the same 
OS level, so there's no need for an extra 
level of hardware virtualization. However, all 
containers must use the same OS—different 
containers can't run different OSs or have 
different hardware configurations. 

Parallels Virtuozzo Containers 4.0 for 
Windows can run on all the processor archi¬ 
tectures: x86, x64, and IA-64. On the soft¬ 
ware side, the product requires Windows 
Server 2003. Containers is compatible with 
Windows Server 2003 Standard, Enterprise, 
and Datacenter editions with SP1 or higher 
for both the x86 and x64 architectures. 
Notably, Containers 4.0 does not support 
Windows Server 2008. 

Installation was lengthy, requiring mul¬ 


tiple downloads and switching between the 
Windows 2003 installation media and SP1 
media. But using the Parallels Management 
Console (PMC) to create new containers was 
quick and easy. Because each container is a 
virtual OS, you can configure all the impor¬ 
tant OS properties when you create the con¬ 
tainer. You can create multiple containers at 
one time, and containers are ready to go as 
soon as they're created. 

Containers'use of templates sets it apart 
from other virtualization solutions and is 
a huge productivity boost. Application 
templates make the associated applications 
available in the container immediately after 
the container is created. 

Container performance was very good. 
Running five active containers didn't seem 
to tax the system at all, and response time in 
all the containers was very close to response 
time on a native physical system. 


Help for the product is HTML-based and 
well organized, but a bit too superficial to 
be truly helpful. For example, the Managing 
Templates section had no information that 
I could find on how to create an application 
template. 

Parallels Virtuozzo Containers is an excel¬ 
lent virtualization solution and an especially 

good choice for hosting providers. ▼ 

InstantDoc ID 101183 


Parallels Virtuozzo Containers 

PROS: Excellent performance; intuitive manage¬ 
ment console; quick deployment via templates 
CONS: Limited OS support; outdated application 
template; superficial help 

RATING: 

PRICE: $1,500 per processor plus 25 percent 
annual maintenance and support 
RECOMMENDATION: Highly recommended, 
especially for hosting providers and business that 
need to rapidly deploy new virtual servers. 
CONTACT: Parallels • 425-282-6400 • 
www.parallels.com 
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BUYER’S GUIDE ■ 


System Center Operations 
Manager 2007 


ADD-ONS 


Extend Ops 
Manager's reach 

by Anne Grubb 


[Editor's Note: For a somewhat longer and more detailed version of 
this article, go to www.windowsitpro.com and enter 101301 in the 
InstantDoc ID text box at the top of the page.] 

D ozens of management packs available from Micro¬ 
soft and other vendors extend the base function¬ 
ality of Microsoft Systems Center Operations Manager 
2007. Third-party vendors have further extended Ops 
Manager's capabilities through an assortment of add¬ 
on solutions. The buyer's guide table (which is online at 
www.windowsitpro.com, InstantDoc ID 101301) focuses on third- 
party management packs and add-on software for midsized and 
enterprise Ops Manager environments. 

Management Packs and Add-ons 

The base Ops Manager product provides a comprehensive range of 
monitoring and reporting services. Management packs extend Ops 
Manager to enable it to monitor specific enterprise applications. Add¬ 
ons fill in the functionality gaps not covered by management packs. 

One type of add-on provides niche enhancements that add 
specific functionality, such as monitoring compliance or generat¬ 
ing Microsoft Office Visio diagrams that let administrators view Ops 
Manager information in the context of their business processes. 
Another type, typically called a connector, integrates Ops Manager 
with another monitoring application, such as the EMC Smarts moni¬ 
toring system or the Zenprise Exchange and BlackBerry monitoring 
systems. 

Trends in Ops Manager Solutions 

Management packs for Ops Manager and its predecessor, Microsoft 
Operations Manager, have traditionally focused on extending the 
base management solution to monitor "big ticket" applications, 
such as Microsoft Exchange Server 2007, DNS, Microsoft SQL 
Server, and Citrix Systems applications. But one recent trend in 
Ops Manager management packs is support for interoperability, as 
evidenced by Microsoft and Novell's announcement at the Microsoft 
Management Summit 2008 last May of their agreement to extend 
Ops Manager to monitor Linux and UNIX. 

Another notable recent trend in System Center add-on products 
is root cause analysis (RCA)—essentially identifying and eliminat¬ 
ing the underlying cause of a system problem, rather than flagging 
and responding to symptoms of the problem. Microsoft took a step 
toward strengthening Ops Manager's RCA capability when it licensed 


EMC's Smarts technology in March 2007 with the eventual goal of 
building EMC Smarts network-monitoring and RCA technologies 
into a future version of Ops Manager. The Zenprise and EMC Smarts 
connectors both give Ops Manager access to RCA information. 

Features to Look For 

Whether you're considering purchasing a management pack or an 
add-on point solution, the first question you'll want answered is 
what OSs and applications the product works with. If your environ¬ 
ment includes a mix of Windows and non-Windows systems, make 
sure the solution supports all the platforms you want to monitor. 

The next key consideration is the type of monitoring and alerting 
the product performs and the metrics it provides. Most Ops Manager 
add-ons monitor Windows Management Instrumentation and the 
Windows event logs, typically in near real time. Look for solutions 
that provide both monitoring and alerting. Management packs 
and some add-on products typically provide application-specific 
measurements, such as performance, number of users, network 
connectivity, and transactions per second. Some solutions also pro¬ 
vide mean time between failures (MTBF) and mean time to failure 
(MTTF) statistics. Products oriented toward compliance monitoring 
might report data such as security configuration or audit settings. 

Some administrators will want to know whether the product 
requires installing additional agents beyond those that Ops Manager 
uses. You might not be able to avoid the overhead of running addi¬ 
tional agents. 

You'll also want to look at the solution's support for regulatory 
and data-retention compliance. For example, does the product pro¬ 
vide some type of monitoring for compliance and generate alerts to 
ensure compliance, such as ensuring that certain data is archived? 

Extending Ops Manager 

Third-party management packs and add-on solutions provide a 
myriad of options for extending Ops Manager's already considerable 
monitoring and reporting faculties. When evaluating products, first 
determine the scope of the solution you need, whether it's compre¬ 
hensive application or platform monitoring or a particular enhance¬ 
ment to Ops Manager. Then use the solutions and features listed in 
the buyer's guide table to zero in on the right add-on product. ^ 
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■ Cloud Computing ■ Mobile & Wireless ■ SharePoint 


INSIGHTS FROM THE INDUSTRY 


Sassy SaaS Lingo: When Is the Right Word Right? 


How many names can you think of for 
cloud computing? Take a moment. 

Are you ready? Here's what I come up 
with: Cloud computing. Application service 
provider (ASP). Managed service provider 
(MSP). Outsourcing. On-demand. Hosted 
service. Software as a Service (SaaS). And 
let's not forget the Microsoft entry on the 
list, Software Plus Services (S+S). 

I'm sure there are other names; feel free 
to tell me what they are. This plethora of 
designations is probably due to the fact 
that the concept has been developing 
over quite a few years, plus the fact that 
the idea has really taken off and grown 
dramatically over the past year or two—an 
overnight success after a lengthy gestation 
period. As companies, such as Microsoft, 
look to put themselves forward in this 
arena, they come up with terminology they 
feel will make them stand out from their 
competitors. That's only natural: It's called 
marketing. 

But if you look at my list again, I think 
you'd agree that many of these terms have 
subtle—or not so subtle—variations of 
meaning. For instance, the term outsourc¬ 
ing might bring up negative connota¬ 
tions—sending jobs overseas to countries 
such as India. (A side note: When I talk to 
service providers these days, it's interest¬ 
ing how some of them are highlighting 
the fact that all their workers are US-based 
because that could be a factor on which 
some prospective clients might base a 


decision. For instance, I spoke recently with 
representatives of Movero Technology, a 
company that that provides complete life 
cycle management for mobile devices as 
a hosted service, and one thing that was 
pointed out to me was that in addition to 
having support available at any time, all 
the company support technicians were 
trained, certified, and based in the United 
States.) 

Other off-center terms from my list: ASP 
and MSP actually refer to the providers, not 
the service or concept itself. It's interesting 
to note that MSP wasn't originally specific 

Is there a difference 
between cloud 
computing and 
SaaS? 

to IT services, but the term has become 
more and more so recently. 

And then I wonder about the difference 
between cloud computing and SaaS. Is 
there a difference? I sense that the terms 
have slightly different meanings—that 
cloud computing is larger than SaaS. 
Perhaps cloud computing encompasses 
things such as cloud OSs—Windows Azure, 
Amazon EC2—and applications in the 
cloud, but SaaS is more specific to applica¬ 
tion-level hosted services. I'm reminded of 
a Monty Python bit where John Cleese as 


the logician explains that "All of Alma Scog¬ 
gins is dead, but not all of the class of dead 
things are Alma Scoggins." Or something 
to that effect. So is it the case that all SaaS 
is cloud computing, but not all cloud com¬ 
puting is SaaS? 

While talking about the terminology 
related to the cloud, here's one on the 
other side: on-premise vs. on-premises. A 
simple consult of your dictionary will reveal 
that a premise is an idea and premises refers 
to a location or to real estate (there is no 
singular form of the word for this mean¬ 
ing). Therefore, if you host your applica¬ 
tions yourself, they are on-premises. 

However, a simple Google search 
reveals that the use of on-premise is far 
and away more common. (Indeed, you'll 
find this incorrect usage frequently even in 
our articles on windowsitpro.com —shame 
on us!) I suppose the incorrect version is 
more common because people don't real¬ 
ize that the word is only in plural form. 

Also, it's easier to say. 

Or is there another reason? Marketing! 
As one of my editorial colleagues pointed 
out, "I like to think we have marketers to 
blame for such widespread yet obviously 
incorrect usage, because the alternative 
seems to be that the IT populace wants to 
develop its own bastardized form of Eng¬ 
lish." Of course, there is something to be 
said for IT creating its own lingo—can you 
say iSCSI, IOPS, or SaaS for that matter?— 
but ultimately that's different from simply 
using a term in an ungrammatical way. 
Marketers are more interested in sounding 
good than being right, IMHO. 

Here's a final thought: All of our read¬ 
ers are brilliant IT professionals, but not 
all brilliant IT professionals are among our 
readers. If you've read this far, give yourself 
a pat on the back from me. 

—B. K. Winstead 
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Mobile Phones Will Be Primary Internet 
Access Point in 2020 


A recent study by the Pew Internet & American Life Project predicts 
that the mobile phone will be the primary point of Internet access 
for most tech consumers. The report also forecasts that the line 
between work life and personal life will continue to blur, as tech¬ 
nologies such as touch-screen interfaces and voice recognition will 
become more prevalent by 2020. 

The study surveyed 1,200 tech-sawy participants about what 
they expected from the future. The respondents predicted that tele¬ 
phony will be offered under a set of universal standards and protocols 
accepted by most operators internationally, making for reasonably 
effortless movement from one part of the world to another. For the 
small-to-midsized business (SMB) owner, the results of the survey sug¬ 
gest that a more internationally flexible mobile infrastructure will make 
international transactions and growth easier, while the prevalence 
of the web on mobile devices and smartphones (which the survey 
predicts will have considerable computing power by 2020) will let SMB 
owners access their business dealings nearly anytime and anywhere. 


Moreover, the survey suggests that outside of formally sched¬ 
uled activities, work and play will be seamlessly integrated in most 
workers'lives. Pew considers that this potential future would be 
a net positive for people, as communication flexibility lets them 
blend personal and professional duties wherever they happen to 
be when called upon to perform them, be it at home, the gym, 
the mall, a library, and possibly even their company's communal 
meeting space, which might exist in a new virtual-reality format. A 
majority of expert respondents (56 percent) agreed with the state¬ 
ment that in 2020"few lines (will) divide professional from personal 
time, and that's OK." 

Not everyone who participated agrees, however. "The result 
may be longer, less efficient working hours and more stressful 
home life," says participant Victoria Nash, director of graduate stud¬ 
ies and policy and research officer, the Oxford Internet Institute. 

—Jason Bovberg 
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ACEmessage is a Desktop Alert Solution to 
deliver messages over Open Applications on 
the users desktop... instant information! 


ACEmessage 

* Fast, One-Way, Centralised Distribution 

* Multiple Desktop Popup Styles 

m Message Thousands of Desktops in Seconds 
m Active Directory Int< 

* Free 30 Day Trial 
For more information visit WWW.spydaman.com 
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We would never tell a lie... 



... but we've been caught 
bragging now and then. 


take our word for it! Read our magazine 
our web site today! Keep the discussions 
osting blogs, commentary, videos and more. 

www.windowsitpro.com 


WindowsITPro 


That's why we're going to let our readers 
tell you why Windows IT Pro is the top 
independent publication and Web site 
in the IT industry. 

So, direct from our readers' mouths 

i 




"Love this magazine. Lots of good, unbiased Windows/ 
Microsoft info. Tons of great content and articles...even 
some great IT humor!!" 

"This is *the* magazine dedicated to advanced topics on 
the Windows NT series (NT, 2000 and XP). As the most 
popular and one of the best operating systems, Windows 
NT series is incredibly complicated, and this magazine, 
issue after issue as well as on its cluttered website, gives 
you lots of detailed information." 

"Just want to commend you on a great article series 
on Powershell. It was fantastic. And your capping it off 
with the September 2008 article on managing AD with 
Powershell was a five-page knockout. Hey, that's why I 
subscribe to your magazine." 


P R 0 D U C T S 


■ INDUSTRY BYTES 


Lotus and SharePoint: Side by Side 


Microsoft SharePoint has quickly become the dominant player in 
the collaboration software market. Microsoft's deep integration of 
the Office product line makes it a natural collaboration choice for 
companies that run the Exchange/Office platform. But what about 
companies that don't use Office, such as those that run Lotus Notes? 
Should they migrate to the Microsoft products to take advantage of 
SharePoint's rich collaboration offerings? 

According to a recent study by Ferris Research, "One in eight 
Lotus Notes customers are considering migrating to Outlook and 
Exchange, but most customers do not follow through because of 
the high cost and complexity of the project." And according to Rob 
Koplowitz, principal analyst at Forrester Research: "If you are a Notes 
user with a significant investment in Notes applications, be careful 
not to underestimate the cost of recoding those applications for 
SharePoint—or the disruptive impact on knowledge workers. The 
cost and risks associated with moving applications to a new platform 
may outweigh the benefits." He also suggests that the best solution 
for some companies is to let Notes and SharePoint live side by side. 

One company that agrees with the coexistence approach is 
Mainsoft. In a briefing with the company, I learned about a product 
that lets you stay with Lotus, yet take advantage of the SharePoint 


platform. Mainsoft's SharePoint Integrator for Lotus Notes 1.5 is a 
client-side plug-in for Notes that lets business users access, modify, 
and publish email and attachments on SharePoint directly from the 
Notes environment. 

"Given the widespread use of Microsoft Office on the desktop, 
it's not surprising to see SharePoint emerging in most organizations, 
including those that use Lotus Notes, Sametime, and Domino,"said 
Yaacov Cohen, president and CEO of Mainsoft. "Notes users are sur¬ 
rounded by SharePoint sites, and they get stuck with limited inte¬ 
gration between messaging and collaboration platforms. Team work 
suffers, and managing team records is all but impossible. Mainsoft 
SharePoint Integrator promotes team collaboration, without enter¬ 
prise IT having to migrate their messaging platform." 

SharePoint Integrator for Lotus Notes combines SharePoint's col¬ 
laboration and document-sharing capabilities with the email and IM 
capabilities of Lotus Notes and Sametime, enabling organizations to 
leverage the promise of both products and achieve the benefits of 
an integrated collaboration environment without the hassles, cost, 
or risks of a migration. To learn more, go to www.mainsoft.com. ^ 

--Gayle Rodcay 

InstantDoc ID 101028 


Now you can manage your 
Windows IT Pro accounts 
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• Print invoices and statements 
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TODAY! 
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myaccount.pentontech.com 

windowsitpro.com/myaccount 
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invoice or your magazine’s mailing label. 



BI* lateral 


be-i la-t(9-)r9l 

(adj.): of or 
relating to both 
the front and back 
ends of business 
intelligence 


Windows [ LEARN | from the top BI experts such 
IT Pro as Derek Comingore and Dan Holme. 

is your 
definitive 
source for 
BI tools. 


|BUILD, the best platforms and reports 
with help from SQL Server Magazine. 


| MASTER, data-delivery with front-end 
solutions in Windows IT Pro magazine. 


ET, how-to information, industry 
trends, and commentary by experts 
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where IT pros creatively and proactively drive busi¬ 
ness value through technology. 

www.windowsdevpro.com 

Office & SharePoint Pro 
Dive into Microsoft Office and SharePoint content 
offered in specialized articles, member forums, 
expert tips, and Web seminars mentored by a com¬ 
munity of peers and professionals. 
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Linked In: To check out the Windows IT Pro 
group on Linkedln, sign in on the Linkedln 
homepage (www.linkedin.com) , select the Search 
Groups option from the pull-down menu, and use 
"Windows IT Pro" as your search term. 

Face book: We've created a page on Facebook 
for Windows IT Pro, which you can access at: 
http://tinyurl.com/d5bquf. Visit our Facebook 
page to read the latest reader comments, see links 
to our latest web content, browse our classic cover 
gallery, and participate in our Facebook discus¬ 
sion board. 


Twitter: Visit the Windows IT Pro Twitter page at 
www.twitter.com/windowsitpro. 


Regional Forums: We've introduced regional 
areas in our online forums, allowing IT user group 
leaders and other readers interested in meeting 
locally to more easily communicate with each other. 
Visit our forums at www.windowsitpro.com/forums 
and scroll down to see the new regional forums. 
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■ CTRL+ALT+DEL _ 

by Jason Bovberg 

Some of Our Favorite 

TECH ACIBON’ 

We use acronyms a lot in Windows IT Pro. They save time and 
space. But there are so many in this industry that we some¬ 
times get them wrong, despite our careful web research. 
Although the following acronyms appear accurate, we've 
found that their expansions are a little off. We apologize if 
we've used the following incorrectly. 

AMIGA-a Merely Insignificant Game Addiction 
—Arrogance Produces Profit-Losing Entity 
BASIC —Bill's Attempt to Seize Industry Control 
CD ROM —Consumer Device Rendered Obsolete in Months 
CO BO —Completely Obsolete Business Oriented Language 
DEC —Do Expect Cuts 
DOS —Defunct Operating System 
IBM— i Blame Microsoft 
ISDN— it Still Does Nothing 
LISP —Lots of Infuriating, Silly Parentheses 


WE NEED YOUR 
STORIES! 

Ever have one of those days 
when users unintentionally 
tickle your funny bone? Ever not 
have one of those days? We've 
published several hilarious end- 
user moments in this space, and 
we want to hear some more! 

In 150 words or fewer, send 
your greatest, funniest, most 
embarrassing user experience 
to rumors@windowsitpro.com, 
and we might just publish it on 
this page. We'll even send you a 
Ctrl+Alt+Del mug! 


MACINTOSH _M 0St your greatest, funniest, most 

Applications Crash; if Not, embarrassing user experience 

the OS Hangs to rumors@windowsitpro.com, 

MICROSOFT-Most and we might just publish it on 

Intelligent Consumers this P a 9 e - We'll even send y° u a 

Realize Our Software Only Ctrl+Alt+Del mug! 

Fools Teens 

MIPS —Meaningless Indication of Processor Speed 
OS/2 —Obsolete Soon, Too 

PCMCIA —People Can't Memorize Computer Industry 
Acronyms 

PENTIUM —Produces Erroneous Numbers Through Incorrect 
Understanding of Mathematics 

PICNIC —Problem in Chair, Not in Computer (e.g.,"We have a 
PICNIC situation") 

SCSI —System Can't See It 

5—Will Install Needless Data on Whole System 

—World Wide Wait 



One day, I got a call from our company president's executive assistant. I had 
recently installed and configured this user's work-at-home PC. Over 
the phone, she told me that her brand-new scanner was no lon¬ 
ger working. I advised her to reboot—no luck. I walked her 
through a few more trou¬ 
bleshooting steps—still 
nothing. So I made the 
short trip to her home, 
observed the situa¬ 
tion, and recalled 
Occam's Razor, 
which states, "All 
other things being 
equal, the simplest solution is the best." I calmly 
reached over and turned on the scanner's power 
switch to solve the problem. This user is no longer 
allowing her cat to climb all over the equipment in 
her home office. 


Time to revert to zero-letter keywords 
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Finally, Affordable Enterprise-Class Archiving 


Introducing Sunbelt Exchange Archiver. Sunbelt 

Exchange Archiver (SEA) is a robust new product which 
delivers real enterprise-class email archiving, at a price that 
won’t break your budget. Get comprehensive legal and 
regulatory compliance. Reduce your Exchange storage by 
up to 80 %. Securely store emails on your choice of media, 
using the built-in Hierarchical Storage 
Management. And, find archived emails 
rapidly with full-text search for e-discovery 
or compliance. 


Compliance, e-Discovery, and legal 
readiness. If you need to archive emails 
for regulatory or legal reasons, SEA has 
you fully covered. Emails are stored in 
their original form, in whatever secure 
media you prefer, with complete flexibility 
on retention. Need to find an archived 
email? Simply use SEA’s powerful 
integrated full-text search of emails and 
attachments, and you’ll be ready at a 
moment’s notice for e-discovery or legal 
requests. 

Seamless end-user experience. SEA 

is fully transparent for your users, whether 
they’re running Outlook, OWA, Blackberry 
devices or even Entourage on the Mac - with 
no special client software needed. Trusted 
end users can be delegated granular authority 
with the included web-interface or optional Outlook 
add-in. They can do off-line synchronization, and search, 
edit, forward, move or delete archived emails. 



Most Valuable Product 


Up to 80% smaller message store. With SEA, you’ll 
dramatically reduce your Exchange storage. The benefits are 
clear: faster backup times, better Exchange performance, 
and faster recovery. 

Journaling not required. It’s a fact that using the 

Exchange Journaling mailbox for archiving 
dramatically affects server performance. 
With SEA, Journaling is an option - the 
program’s breakthrough Direct Archiving 
feature stores all emails immediately after 
they are received, keeping load off the 
Exchange server. 


"Exchange performance 
is suffering. Your users 
complain about email 
storage. Your CEO wants 
legal compliance. 

Now what?" 



No more PST headaches! SEA gets 
rid of pesky PST files that are a major 
admin headache. SEA automatically finds 
them, imports them, and makes them part 
of your user’s archive. 

Great for disaster recovery. No 

matter where you email is stored, business 
continuity is assured with SEA. Using the 
included web client, users can continue to 
see and use their email even if Exchange is 
down. 

Archiving’s time has come for 
everyone. Contact us today and see how 
SEA solves your legal and compliance 
headaches and immediately improves the performance of 
Exchange - while saving critical budget dollars. 



Sunbelt Software 


Get a Free Quote and See How Cost-effective Sunbelt Exchange Archiver Really Is! 

Email sales@sunbeltsoftware.com or call 888-688-8457 


Sunbelt Software Tel: 1-888-688-8457 or 1-727-562-0101 Fax:1-727-562-5199 www.sunbeltsoftware.com sales@sunbeltsoftware.com 

© 2007-2008 Sunbelt Software. All rights reserved. Sunbelt Exchange Archiver is a trademark of Sunbelt Software. All trademarks used are owned by their respective owners. 





















From: Renewal time, here comes 
the pain again 

To: Predictable pricing & 
consistent support 
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NO-NONSENSE 
WEB FILTERING 


That's what you'll get when you switch to iPrism from 
St Bernard - the award-winning web filter that's easier 
in every way, and less expensive to own. 

iPrism is changing the way companies and schools 
everywhere handle their web filtering. With blaz 
ing throughput speeds up to 100+ Mbps, anti-virus 
protection and seamless XenApp and Active Directory 
integration, iPrism is the appliance-based solution of 
choice for customers and institutions of any size 

Find out more about the easiest-to-deploy, most 
highly rated web filtering solution ever-the industry's 
ONLY Citrix-ready web filtering appliance. 


Call 1.800.782.3762 or go to www.SwitchToiPrism.com 


StBernard 

FLIP THE SWITCH 

Get your R! iPrism® Switch Kit today: 

FREE 30-day onsite evaluation 

that can be deployed without any client or 
network changes 

FREE enhanced technical support 

for setting up matching policies, reports & alerts 
based on your current settings 

INCENTIVE PRICING & A FREE T-SHIRT 

just for watching a live demo 


iPrism® h-Series, the world's #1 Web Filtering appliance. 

© 2008 St Bernard Software, Inc. 



